ProxySG & Advanced Secure Gateway

Hi , 

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology 

proxy using two interface 0:0 and 0:1 
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Mohamed Mohsen Regional PS Consultant
King Fahad Road, Tulip Tower, 3rd Floor,  office # 1, P.O. Box 295833 Riyadh 11351 -  Kingdom of Saudi Arabia	M: +966 5 61756647 M: +201005054885  W: www.starlinkme.net

 

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

As I say, it probably already is enabled if your users can ping the 0:1 interface.

Paul
Original Message:
Sent: 09-24-2021 08:34 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

yes , the users able to ping the 0:1 ip address , so should  i  enable "return to sender "  , right ?

Thanks & Regards,

Mohamed Mohsen Regional PS Consultant
King Fahad Road, Tulip Tower, 3rd Floor,  office # 1, P.O. Box 295833 Riyadh 11351 -  Kingdom of Saudi Arabia	M: +966 5 61756647 M: +201005054885  W: www.starlinkme.net

 

Original Message:
Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Mohamed Mohsen Regional PS Consultant
King Fahad Road, Tulip Tower, 3rd Floor,  office # 1, P.O. Box 295833 Riyadh 11351 -  Kingdom of Saudi Arabia	M: +966 5 61756647 M: +201005054885  W: www.starlinkme.net

 

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

Original Message:
Sent: 9/24/2021 8:42:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

As I say, it probably already is enabled if your users can ping the 0:1 interface.

Paul
Original Message:
Sent: 09-24-2021 08:34 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

yes , the users able to ping the 0:1 ip address , so should  i  enable "return to sender "  , right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

or should enable "return to sender " for both inbound and outbound ?
Original Message:
Sent: 09-24-2021 08:46 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

so , could you help me ? 

what should i do, if it's already enabled  ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:42:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

As I say, it probably already is enabled if your users can ping the 0:1 interface.

Paul
Original Message:
Sent: 09-24-2021 08:34 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

yes , the users able to ping the 0:1 ip address , so should  i  enable "return to sender "  , right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

I've already suggested what you need to do next in my first reply.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:52 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

or should enable "return to sender " for both inbound and outbound ?
Original Message:
Sent: 09-24-2021 08:46 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

so , could you help me ? 

what should i do, if it's already enabled  ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:42:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

As I say, it probably already is enabled if your users can ping the 0:1 interface.

Paul
Original Message:
Sent: 09-24-2021 08:34 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

yes , the users able to ping the 0:1 ip address , so should  i  enable "return to sender "  , right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

In my experience, you need to enable inbound return-to-sender  (enabled by default on new installations) but also overwrite-static-route (not enabled by default).
Original Message:
Sent: 09-24-2021 08:52 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

or should enable "return to sender " for both inbound and outbound ?
Original Message:
Sent: 09-24-2021 08:46 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

so , could you help me ? 

what should i do, if it's already enabled  ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:42:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

As I say, it probably already is enabled if your users can ping the 0:1 interface.

Paul
Original Message:
Sent: 09-24-2021 08:34 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

yes , the users able to ping the 0:1 ip address , so should  i  enable "return to sender "  , right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:30:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Well it depends if you have "return to sender" enabled, in which case it wouldn't matter as the return traffic would just go back the same way it came in. Also, you already stated that the users are able to ping the proxy on the IP address of interface 0:1.

Paul
Original Message:
Sent: 09-24-2021 08:26 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Thanks, 

I think that the users subnet not defined in static route in proxy is the reason that the 0:1 ip address not access able the internet , do you think that's right ?

Thanks & Regards,

Original Message:
Sent: 9/24/2021 8:21:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Unfortunately not, it will just go out the interface which is on the same subnet as the default gateway and you can't specify the source interface.

Regards
Paul
Original Message:
Sent: 09-24-2021 08:00 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Is there any command for ping 0:1 as source to Internet for example or how make tracert from specific interface in proxy . 

Thanks & Best Regards,

Mohamed Mohsen

+966 56175 6647

Original Message:
Sent: 9/24/2021 7:44:00 AM
From: Paul Riddington
Subject: RE: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hello,

You would need to run a packet capture on the proxysg to work out what is happening to requests when both coming into, and leaving the 0:1 interface. At the same time, you should also run a policy trace based on the client IP address making the requests. Also, you should disable any bridge mode settings for the 0:0 and 0:1 interfaces if there are any.

Regards
Paul
Original Message:
Sent: 09-24-2021 07:22 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

we need to make 0:1 forward traffic to internet by using it's ip in browser proxy setting , or how troubleshooting that
Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

I have almost the same configuration on my environtmen  we use  3 interfaces, 0:0  for management  1:0 internet  and 2:0  Intranet the only difference is as follows, maybe you could check on your side, irect on the network adapters configuration. 

there are many options, and you could see  When receiving packets on this interface:

i have this configuration 
0:0  and 2:0

Allow  transparent interceptoin

but in  the interface with internet  

i have :
Firewall incoming Traffic.

maybe this is your solution.

Regards

Fermin

Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW

That is the standard/default setup for a proxysg, as you would not normally initiate traffic from behind the WAN interface unless it was a reverse proxy, or managed on that interface.

Regards
Paul
Original Message:
Sent: 09-27-2021 07:46 AM
From: Fermin Rodriguez Torres
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

I have almost the same configuration on my environtmen  we use  3 interfaces, 0:0  for management  1:0 internet  and 2:0  Intranet the only difference is as follows, maybe you could check on your side, irect on the network adapters configuration. 

there are many options, and you could see  When receiving packets on this interface:

i have this configuration
0:0  and 2:0

Allow  transparent interceptoin

but in  the interface with internet  

i have :
Firewall incoming Traffic.

maybe this is your solution.

Regards

Fermin

Original Message:
Sent: 09-24-2021 07:18 AM
From: Unknown User
Subject: traffic interface0:1 no able to make users access internet , although 0:0 able to do that

Hi ,

I have proxy deployed explicate with two interfaces , one 0:0 for management with ip address 10.20.173.80 and proxy have default gateway 10.20.173.1
and interface 0:1 for internal traffic with ip 10.20.170.23 ,  users have reachability for the both ip's by using ping , when we enter the ip management in browser proxy setting was able to access internet browsing , but when enter the ip address in proxy browser setting for traffic interface the users not able to reach internet, although both ip's in the same policy in FW , and FW not see any traffic from internal interface of proxy (0:1) , can anyone help me ?

Deployment topology

proxy using two interface 0:0 and 0:1
0:0 ip address 10.20.173.80
0:1 ip address 10.20.170.23
proxy GW 10.20.173.1
Proxy >>>switch >>FW