Help Center User GuideGetting Started
 
X
User Guide
Getting Started
Contents  

ICAP Redirect Profile Configuration Page Options

The Internet Content Adaptation Protocol (ICAP) is a lightweight protocol used to extend transparent proxy servers, thereby freeing up resources and standardizing the way in which new features are implemented. ICAP is generally used to implement virus scanning and content filters in transparent HTTP proxy caches. It also concentrates on leveraging edge-based devices (caching proxies) to help deliver value-added services. At the core of this process is a cache that will proxy all client transactions and will process them through ICAP web servers.

On SRX devices, the device works as SSL proxy and decrypts pass through traffic with proper SSL profile under the permission of policy. It decrypts the HTTPS traffic and redirects HTTP message to third party on premises DLP server using Internet Content Adaptation Protocol (ICAP) channel.

Procedure

  1. Select Configure>Security>ICAP Redirect Profile in the J-Web user interface.

    The ICAP Redirect Profile configuration page appears.

  2. Click one:
    • Server Status—Fetches and displays the ICAP Redirect server details in a new window. It shows the ICAP profile name, server name, and its status.

    • Add—Create a new ICAP Redirect profile configuration. Enter information as specified in Table 256.

    • Edit—Edits the selected ICAP Redirect profile configuration.

    • Delete—Deletes the selected assign to interfaces configuration.

  3. Click one:
    • OK—Saves the configuration and returns to the main configuration page.

    • Commit Options>Commit—Commits the configuration and returns to the main configuration page.

    • Cancel—Cancels your entries and returns to the main configuration page.

Table 256: Create-Edit ICAP Redirect Profile

Field FunctionAction
Firewall Filters

Name

Displays the ICAP Service profile name.

Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed; maximum length is 63 characters.

Timeout

Displays the server response timeout in miliseconds.

Enter the server response timeout in milliseconds. The range is between 100 milliseconds to 50000 milliseconds.

HTTP Redirect Option

Request

Enables redirect service on HTTP request

Select to enable redirect service on HTTP request.

Response

Enables redirect service on HTTP response.

Select to enable redirect service on HTTP response.

ICAP Server

You can configure ICAP Redirection server by the following options:

Add—Create an ICAP Redirect server. Enter information as specified in Table 257.

Edit—Edit an ICAP Redirect server configuration. Enter information as specified in Table 257.

Fallback Opion

Timeout Action

Specifies the request timeout action when the request is sent to the server.

Select the timeout action from he dropdown list. The available options are: None, Permit, Log Permit, and Block.

Connectivity Action

Specifies that request cannot be sent out due to connection issues.

Default Action

Specifies the default failure action to be taken when there are scenarios other than the above two mentioned ones.

Table 257: Create-Edit ICAP Redirect Server

Field FunctionAction
 

Name

Displays the ICAP Redirect server name.

Enter a unique string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed; maximum length is 63 characters.

Host Type*

Specifies whether the host type is a host name or host IP address..

Select Name or IP address.

Host

Specifies the host name or host IP address depending on what host type you chose as the Host Type.

Enter the host name or host IP address.

Port

Specifies the port in the server. This is the server listening post and the default port will be reached according to protocol defined.

Enter the port number. The range is between 1025 and 65534.

Sockets

Specifies the number of connections to be created.

Enter the number of connections. The range is between 1 and 64.

Authentication

Authorization Type

Specifies the type of authentication.

Credential Type

Credentials

Specifies the credentials for the server.

Select the credential type as ASCII or Base64.

Based on the Credential Type that you choose, enter the ASCII string or Base64 string.

URL

Request MOD

Specifies the reqmod uri that can be configured for ICAP server only.

Select to enable redirect service on HTTP request.

Response MOD

Specifies the respmod uri that can be configured for ICAP server only.

Select to enable redirect service on HTTP response.

Routing Instance

Specifies the virtual router that is used for launching.

Select the routing instance from the dropdown list.

SSL Initiation Profile

Specifies the TLS profile.

Select the SSL initiation profile from the dropdown list.

See Also

Help us to improve. Rate this article.
Feedback Received. Thank You!

Ask questions in TechWiki

Check documentation in TechLibrary

Rating by you:      
X

Additional Comments

800 characters remaining

May we contact you if necessary?

Name:
Email:

Need product assistance? Contact Juniper Support

Submit