You can configure UDP (User Datagram Protocol) when Web Gateway is running as a proxy under the SOCKS protocol.
When traffic going on under the SOCKS protocol is processed by the proxy functions on Web Gateway, traffic that follows UDP can also be detected and forwarded. This traffic is not filtered, but forwarded as it is.
To allow the handling of UDP traffic in this way, you must complete the following configuration activities.
- Set the range of ports that listen to UDP traffic.
- Set a timeout on connections for UDP traffic.
You need not explicitly enable the handling of UDP traffic in addition to configuring these settings, as it is basically enabled by default.
When a client of Web Gateway sends a request for setting up a connection that follows UDP under SOCKS, the command name sent with the request is stored as the value of a property.
The name of the property is Command.Name and its value is SOCKSUDPASSOCIATE then. You can use this property in a rule for monitoring or other purposes.
NOTE: You can also use this property in a rule to disable processing of UDP traffic on Web Gateway.
Use of UDP is also monitored and shown on the dashboard under SOCKS Traffic Summary.
Configure settings for UDP under SOCKS
Configure settings for UDP to enable filtering of traffic that is going on under this protocol when Web Gateway is running as a proxy under the SOCKS protocol.
- Select Configuration | Appliances.
- On the appliances tree, select the appliance you want to configure UDP settings on and click Proxies (HTTP(S), FTP, SOCKS, ICAP ...).
- In the configuration pane, scroll down to SOCKS Proxy. Under Port range for UDP, set the range of ports that listen to UDP traffic.
- Scroll further down to Timeouts for HTTP(S), FTP, ICAP, SOCKS, and UDP. Under UDP timeout, set the timeout on connections for UDP.
- Click Save Changes.