Configure an Upstream Proxy

Configure an Upstream Proxy

The appliance requires a connection to port 443 on config-<tenant-URL> and messenger-<tenant-URL> for management connectivity. If an upstream proxy is deployed in the network, and the port 443 traffic needs to be routed via a proxy, configure the proxy hostname and port. You can also set up authentication to manage the traffic that is sent to your proxy server.

  1. To configure a proxy, enter these commands at the configuration prompt:
    nsappliance(config)# set management-plane upstream-proxy-server hostname 10.136.210.17 nsappliance(config)# set management-plane upstream-proxy-server port 8080 nsappliance(config)# set management-plane upstream-proxy-server username <user-name> nsappliance(config)# set management-plane upstream-proxy-server password <password> Password:  Confirm password: nsappliance(config)# save 

    You can setup authentication with your proxy only if the appliance is running in OPLP and/or CDPP modes.If the proxy is configured to intercept SSL traffic, then you need to allowlist the traffic to config-<tenant-URL> and messenger-<tenant-URL>.It is also important to note that KMIP Forwarder tunnels KMIP traffic using SSH, which requires direct connectivity to remotesvc-<tenant-URL> on port 22 and can’t be proxied at this time.

  2. To save the proxy configuration, enter save at the configuration prompt.
Share this Doc

Configure an Upstream Proxy

Or copy link

In this topic ...