config web-proxy explicit
Configure explicit Web proxy settings.
config web-proxy explicit
Description: Configure explicit Web proxy settings.
set status [enable|disable]
set ftp-over-http [enable|disable]
set socks [enable|disable]
set http-incoming-port {user}
set https-incoming-port {user}
set ftp-incoming-port {user}
set socks-incoming-port {user}
set incoming-ip {ipv4-address-any}
set outgoing-ip {ipv4-address-any}
set ipv6-status [enable|disable]
set incoming-ip6 {ipv6-address}
set outgoing-ip6 {ipv6-address}
set strict-guest [enable|disable]
set pref-dns-result [ipv4|ipv6]
set unknown-http-version [reject|best-effort]
set realm {string}
set sec-default-action [accept|deny]
set https-replacement-message [enable|disable]
set message-upon-server-error [enable|disable]
set pac-file-server-status [enable|disable]
set pac-file-url {user}
set pac-file-server-port {user}
set pac-file-name {string}
set pac-file-data {user}
config pac-policy
Description: PAC policies.
edit <policyid>
set status [enable|disable]
set srcaddr <name1>, <name2>, ...
set srcaddr6 <name1>, <name2>, ...
set dstaddr <name1>, <name2>, ...
set pac-file-name {string}
set pac-file-data {user}
set comments {var-string}
next
end
set ssl-algorithm [high|medium|...]
set trace-auth-no-rsp [enable|disable]
end
config web-proxy explicit
|
Parameter |
Description |
Type |
Size |
|||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
status |
Enable/disable the explicit Web proxy for HTTP and HTTPS session. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
ftp-over-http |
Enable to proxy FTP-over-HTTP sessions sent from a web browser. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
socks |
Enable/disable the SOCKS proxy. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
http-incoming-port |
Accept incoming HTTP requests on one or more ports . |
user |
Not Specified |
|||||||||
|
https-incoming-port |
Accept incoming HTTPS requests on one or more ports . |
user |
Not Specified |
|||||||||
|
ftp-incoming-port |
Accept incoming FTP-over-HTTP requests on one or more ports . |
user |
Not Specified |
|||||||||
|
socks-incoming-port |
Accept incoming SOCKS proxy requests on one or more ports . |
user |
Not Specified |
|||||||||
|
incoming-ip |
Restrict the explicit HTTP proxy to only accept sessions from this IP address. An interface must have this IP address. |
ipv4-address-any |
Not Specified |
|||||||||
|
outgoing-ip |
Outgoing HTTP requests will have this IP address as their source address. An interface must have this IP address. |
ipv4-address-any |
Not Specified |
|||||||||
|
ipv6-status |
Enable/disable allowing an IPv6 web proxy destination in policies and all IPv6 related entries in this command. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
incoming-ip6 |
Restrict the explicit web proxy to only accept sessions from this IPv6 address. An interface must have this IPv6 address. |
ipv6-address |
Not Specified |
|||||||||
|
outgoing-ip6 |
Outgoing HTTP requests will leave this IPv6. Multiple interfaces can be specified. Interfaces must have these IPv6 addresses. |
ipv6-address |
Not Specified |
|||||||||
|
strict-guest |
Enable/disable strict guest user checking by the explicit web proxy. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
pref-dns-result |
Prefer resolving addresses using the configured IPv4 or IPv6 DNS server . |
option |
- |
|||||||||
|
|
|
|||||||||||
|
unknown-http-version |
Either reject unknown HTTP traffic as malformed or handle unknown HTTP traffic as best as the proxy server can. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
realm |
Authentication realm used to identify the explicit web proxy (maximum of 63 characters). |
string |
Maximum length: 63 |
|||||||||
|
sec-default-action |
Accept or deny explicit web proxy sessions when no web proxy firewall policy exists. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
https-replacement-message |
Enable/disable sending the client a replacement message for HTTPS requests. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
message-upon-server-error |
Enable/disable displaying a replacement message when a server error is detected. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
pac-file-server-status |
Enable/disable Proxy Auto-Configuration (PAC) for users of this explicit proxy profile. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
pac-file-url |
PAC file access URL. |
user |
Not Specified |
|||||||||
|
pac-file-server-port |
Port number that PAC traffic from client web browsers uses to connect to the explicit web proxy . |
user |
Not Specified |
|||||||||
|
pac-file-name |
Pac file name. |
string |
Maximum length: 63 |
|||||||||
|
pac-file-data |
PAC file contents enclosed in quotes (maximum of 256K bytes). |
user |
Not Specified |
|||||||||
|
ssl-algorithm |
Relative strength of encryption algorithms accepted in HTTPS deep scan: high, medium, or low. |
option |
- |
|||||||||
|
|
|
|||||||||||
|
trace-auth-no-rsp |
Enable/disable logging timed-out authentication requests. |
option |
- |
|||||||||
|
|
|
|||||||||||
config pac-policy
|
Parameter |
Description |
Type |
Size |
|||||||
|---|---|---|---|---|---|---|---|---|---|---|
|
status |
Enable/disable policy. |
option |
- |
|||||||
|
|
|
|||||||||
|
srcaddr |
Source address objects. Address name. |
string |
Maximum length: 79 |
|||||||
|
srcaddr6 |
Source address6 objects. Address name. |
string |
Maximum length: 79 |
|||||||
|
dstaddr |
Destination address objects. Address name. |
string |
Maximum length: 79 |
|||||||
|
pac-file-name |
Pac file name. |
string |
Maximum length: 63 |
|||||||
|
pac-file-data |
PAC file contents enclosed in quotes (maximum of 256K bytes). |
user |
Not Specified |
|||||||
|
comments |
Optional comments. |
var-string |
Maximum length: 1023 |
|||||||