Imperva Cyber Community

Expand all | Collapse all

X2020 transparent proxy issue

  • 1.  X2020 transparent proxy issue

    Posted 13 days ago
    I have a strange issue, recently I've added 3 Windows 2008 R2 IIS to my server group, and want to use transparent proxy to inspect SSL traffic. I've been doing the same for my Linux servers for years without issue. After I setting them up, only 1 of them is working with server side port set to 443 encrypted, other 2 require me to set the server port to 80 not-encrypted. But I can't do that since the server are set to accept SSL connection only.

    I did some diagnostics, and notice SecureSphere have proxy arp all traffic on the server side and is interrupting with port 443 traffic even between local servers. If I try to access another local server's 443 port from a server on the same subnet, I'll get an error with incident ID: N/A.

    Imperva X2020 12.1.0.050

    I am thinking maybe my network topology has some issues from the beginning, but Linux servers work, so I am quite puzzled.

    Any idea would be much appreciated.
    #On-PremisesWAF(formerlySecuresphere)

    ------------------------------
    Kenneth Ho
    Metro Broadcast
    ------------------------------

    EDIT: Please let me add that since I added those Windows into the X2020, some of my Linux server groups' TRP have became somewhat unstable, once in awhile, TRP would fail and require a turn off and on in order to get going again. But until now, it only happen while I am inside the GUI a few mins after I edited something.


  • 2.  RE: X2020 transparent proxy issue

    Posted 12 days ago
    Hi Kenneth,

    Are all 3 servers in your server group have different ip's..? If yes, you shouldn't have any issue adding 443 for all 3 of them. Remember to add a new TRP entry for each ip, under reverse proxy tab.

    Thanks


    ------------------------------
    SC
    ------------------------------