Imperva Cyber Community

communities_1.jpg
 View Only
  • 1.  WAF|Reverse Proxy |URI

    Posted 09-12-2020 09:37
    Dear All,

    Could you please help to achieve below scenario:

    1. Customer wants to have URI(xyz.com/resource) based access where imperva waf to have map this URI with application IP while Load balancer will only know about URL(xyz.com) not URI((xyz.com/resource)
    2.Customer wants to have a POOL of IP for internal address VIP at waf as a source NAT pool for connecting to application

    Below is the flow: Imperva WAF securesphere in kernel reverse proxy mode

    Internet>FW>SSLV>upstream LB>WAF(external address)>WAF(internal address)>downstream LB>internal FW>Application

    Regards,
    Amit



    ------------------------------
    Amitk
    ------------------------------


  • 2.  RE: WAF|Reverse Proxy |URI

    Posted 09-12-2020 15:04
    Hi Amit,

    If I understand your question correctly, you may map xyz.com/resource with multiple application ip's (since its pool), something like this:-

    krp


    ------------------------------
    SC
    ------------------------------



  • 3.  RE: WAF|Reverse Proxy |URI

    Posted 09-14-2020 05:27
    Edited by Amit Kumar 09-14-2020 05:59
    Hi Shantanu,

    Thanks for the revert.its very Useful.

    Could you please Also confirm for 2nd point as well(Customer wants to have a POOL of IP for internal address VIP at waf as a source NAT pool for connecting to application).
    Customer wants ,per application there shall be one static ip for outbound(From LB to WAF) and POOL of ip for inbound(From WAF to application server) & whenever LB connects with WAF on outbound VIP,WAF shall initiate a connection with application server from one of the ip available from that Pool.


    ------------------------------
    Amitk
    ------------------------------