ProxySG & Advanced Secure Gateway

 View Only

 TCP Forwarding policy question

Jump to Best Answer
Furil's profile image
Furil posted Mar 20, 2022 04:09 AM
Hello,

I did a forwarding policy in order to solve the SFTP issue which is not supported by default by the proxySG.
To make it short now user is able to connect on example.com by executing the following command :

sftp -P 8088 exampleuser@proxyname

The server executing this command will automatically forwarded to example.com.

My question is how can we add proxy authentication in this process ? I mean if we have two authentication :

- proxy authentication
- example.com authentication

I am not asking how to setup on the proxy itself but on the server instead... because here the user is directly forwarded to example.com, if we use the proxyID then the same username will be used for example.com autotmatically which are totally different account. I am having difficulties because proxy is used as "destination" in order to access to example.com so there is no "intermediate proxy" in the command that can be added.
Unless proxy authentication is not planned to be used for this type of configuration ?

Thanks in advance for your help

Furil

Manfred Proell's profile image
Manfred Proell posted Jun 07, 2022 12:03 PM Best Answer
Hello Furil,
you can't authenticate at the proxy with a simple forwarding.

You'd need to do either SOCKs protocol or you just tunnel this traffic within https. With this you can simply do authentication as with normal traffic.

Hope that helps somehow,
Manfred
Furil's profile image
Furil posted Jun 11, 2022 04:16 AM
Hello,

Thank you for your answer ! :)

Best regards,
Furil