Users are bypassing ProxySG policy

<< Back to Knowledge Search



Users are bypassing ProxySG policy
All users have full access to the Internet
None of the users were showing up in the access logs
When debugging, the proxy administrator was unable to obtain a policy trace
Traffic was being redirected via WCCP to the proxy.  Problem can also occur if the proxy is inline


The main problem here is the ProxySG is not intercepting traffic.  There are several places to check to make sure the ProxySG is intercepting.

1.)  In the Management Console ( https://<ip.address.of.proxysg>:8082/ ) go to the Configuration tab > Services > Proxy Services > Restricted Intercept List tab.  Make sure the proxy is configured to "Use Proxy Service rules for interception".

2.)  Click on the Static Bypass List tab (to the left of the Restricted Intercept List tab).  Make sure few, if any rules exist here.  If you have an <All>/<All> rule, meaning any client IP address or subnet can access any server IP address or subnet, delete it and click on the Apply button to save your changes.  If you do have rules in here, make sure the rules are not overly generous.  Make sure you understand the source and destination IP addresses or subnets and that you are OK with the bypass.

3.)  Click on the Proxy Services tab (to the left of the Static Bypass List tab).  If you are running SGOS 5.4 (or any other version that uses service groups), look at the "Standard" service group and make sure that port 80 is set to "Intercept".  If you are configured using WCCP, make sure that any ports that are being redirected via WCCP are also set to "Intercept".  If the ports do not fall under the "Standard" service group, then you may need to look for the ports under the other service groups.  Once you make your changes, click on the "Apply" button to save your changes.


Additional Information
Bug Number
InQuira Doc IdKB3502

Article Feedback

Hide Properties
First Published      10/01/2014
Last Modified      10/01/2014
Last Published      10/01/2014
Article Audience
Product      ProxySG
Software      SGOS 5
Topic      Access Logging, Configuration / WUI / CLI, Debugging, Installation / Configuration, Networking, Policy Management, Usability
Article Number      000014407
Was this helpful?
Previous MonthNext Month