secure-proxy
Syntax
secure-proxy { profile name { drop-on-dns-error; dynamic-web-application; dynamic-web-application-group; proxy-address name { ip ip-address; port port-number; } } }
Hierarchy Level
[edit services web-proxy]
Description
Configure secure Web proxy profile.
When you configure secure Web proxy on SRX Series Firewall, it intercepts the session and allows sessions that are interested in specific application and are destined to a configured external web-proxy. The device connects sessions directly to the Web server bypassing the external proxy server. Connections that do not match the applications are routed to the external proxy server.
Since the Secure Web proxy forwards traffic based on applications either to the external proxy server or to the Web server, you can define the routing behavior based on applications. For example, you can specify Office 365 application group in secure Web proxy profile to bypass the external proxy server for connections to Office 365.
To configure secure Web proxy on the SRX Series Firewall, you must define a Web proxy profile by specifying external proxy server details and dynamic application. You can associate this secure Web proxy profile with security policy. The secure Web profile is applied on the traffic matching the application and security policy. The session is now allowed to bypass the external proxy server and connect to the Web server directly.
Options
profile name | Name of the secure Web proxy profile. |
drop-on-dns-error | Drop the Web proxy session on DNS error. |
dynamic-web-application | Dynamic web application. |
dynamic-web-application-group | Dynamic web application group. |
proxy-address name | Name of the external proxy server. |
ip ip-address | IP address of the external proxy server. |
port port-number | Port number of the external proxy server. |
Required Privilege Level
flow-tap
Release Information
Statement introduced in Junos OS Release 19.2R1.