profile (icap-redirect)
Syntax
profile name { fallback-option { connectivity (block | log-permit | permit); default-action (block | log-permit | permit); timeout (block | log-permit | permit); } http { redirect-request redirect-request; redirect-response redirect-response; } server name { authorization { authorization-type authorization-type; credentials (ascii ascii | base64 base64); } host host; port port; reqmod-uri reqmod-uri; respmod-uri respmod-uri; routing-instance ri-name; sockets sockets; tls-profile tls-profile; } timeout timeout; }
Hierarchy Level
[edit services]
Description
Configure the ICAP redirect profile.
The ICAP server profile allows the ICAP server to process request messages, response messages, fallback options, and so on, for the permitted traffic.
When you configure an ICAP redirect service on SRX Series Firewalls, you must configure the ICAP redirect profile. The ICAP redirect profile defines the settings for ICAP server to process request messages, response messages, fallback options incase of a timeout, connectivity issues, too many requests, or other conditions.
This profile is applied to a security policy as an application service when the traffic is permitted by the security policy.
Options
profile name | ICAP redirect profile name. |
fallback-option | Fallback options to specify the actions the device applies if the ICAP server is unavailable. |
http | Redirect request and redirect response for HTTP traffic.
|
timeout | Server response timeout in milliseconds. Timeout is the interval after which the server is considered inactive if there is no response from the server. A new incoming requests can bypass inactive status server.
|
Required Privilege Level
security—To view this statement in the configuration.
security-control—To add this statement to the configuration.
Release Information
Statement introduced in Junos OS Release 18.1 R1.