Go to the table of contents Go to the previous page Go to the next page View or print as PDF
ARM
Help | Content Gateway | Version 7.8.x
The Adaptive Redirection Module (ARM) performs several essential functions including sending device notifications for cluster communication interface failover and inspection of incoming packets before the IP layer sees them, readdressing them for Content Gateway processing.
The ARM is always active. For more information, see The ARM.
Configure > Networking > ARM > General
 
Displays the redirection rules in the ipnat.conf file that specify how incoming packets are readdressed when the proxy is serving traffic transparently. Content Gateway creates redirection rules during installation. You can modify these rules.
Lists the ipnat.conf file rules. Select a rule to edit it. The buttons on the left of the box allow you to delete or move the selected rule up or down in the list.
When dns is selected, the ARM redirects DNS traffic to Content Gateway: otherwise, DNS traffic is bypassed.
Click Apply before you click Close; otherwise, all configuration changes are discarded.
IP Spoofing: Enabled/Disabled
WARNING: IP spoofing requires precise control of the routing paths on your network, overriding the normal routing process for traffic running on TCP port 80 and 443.
In the Client IP Addresses field, enter a comma separated list of individual IP addresses and/or IP address ranges. Do not use spaces.
In the Specified IP Address field, enter the IP address to use with matching clients. This is the spoofed IP address.
Configure > Networking > ARM > Static Bypass
Static bypass rules route requests around the proxy (bypass). Rules can be defined for clients (sources), origin servers (destinations), or both (pairs). See Static bypass rules.
 
Important 
 
Lists the bypass.config file rules. Select a rule to edit it. The buttons on the left of the box allow you to delete or move the selected rule up or down in the list.
A bypass rule bypasses specified incoming requests.
A deny_dyn_bypass rule prevents the proxy from bypassing specified incoming client requests dynamically (a deny bypass rule can prevent Content Gateway from bypassing itself).
Click Apply before you click Close; otherwise, all configuration changes will be lost.
Configure > Networking > ARM > Dynamic Bypass
 
Select Enabled to enable dynamic bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Disabled to disable dynamic bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Source-Destination to enable dynamic source/destination bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Destination Only to enable dynamic destination bypass when Content Gateway encounters non-HTTP traffic on port 80.
Select Enabled to enable dynamic bypass when an origin server returns a 400 error.
Select Disabled to disable dynamic bypass when an origin server returns a 400 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 400 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 400 error.
Select Enabled to enable dynamic bypass when an origin server returns a 401 error.
Select Disabled to disable dynamic bypass when an origin server returns a 401 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 401 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 401 error.
Select Enabled to enable dynamic bypass when an origin server returns a 403 error.
Select Disabled to disable dynamic bypass when an origin server returns a 403 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 403 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 403 error.
Select Enabled to enable dynamic bypass when an origin server returns a 405 error.
Select Disabled to disable dynamic bypass when an origin server returns a 405 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 405 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 405 error.
Select Enabled to enable dynamic bypass when an origin server returns a 406 error.
Select Disabled to disable dynamic bypass when an origin server returns a 406 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 406 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 406 error.
Select Enabled to enable dynamic bypass when an origin server returns a 408 error.
Select Disabled to disable dynamic bypass when an origin server returns a 408 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 408 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 408 error.
Select Enabled to enable dynamic bypass when an origin server returns a 500 error.
Select Disabled to disable dynamic bypass when an origin server returns a 500 error.
Select Source-Destination to enable dynamic source/destination bypass when an origin server returns a 500 error.
Select Destination Only to enable dynamic destination bypass when an origin server returns a 500 error.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Copyright 2016 Forcepoint LLC. All rights reserved.