Hi All
this isn't a cisco specific question, but as I couldn't find a generic networking forum I figured this would be a good place to start. I'm currently troubleshooting an application level problem where the vendor says that there is a transparent proxy (vendor has no access to the proxy or the network equipment). What I want to know is, if I run netstat (or wireshark) where would I see the TCP session to? To the transparent proxy or to the destination host (eg web server) ?
Part of me thinks it would be to the eventual host, given that the client doesn't know about the proxy. But part of me thinks it would have to be to the proxy, as part of the reason why an organisation would have a proxy would be (for example) so that they can restrict internet access on their firewalls, and therefore the tcp session would have to be to the proxy (because the required TCP port might not be open to the destination server).
The reason I'm putting this in a networking forum as opposed to a proxy forum is that I don't beleive transparent proxies work any differently to regular proxies (correct me if I'm wrong) and that it's actually the network config (policy based routing etc) that makes the proxy transparent. But I don't quiet understand how this affects/changes the TCP session - does the router/firewall/something else send an ICMP redirect back to the client ? Or Does the proxy somehow "proxy" the TCP handshake also so tha the client doens't know any better ? (personally I would have thought this wouldn't be allowed/possible)
Any advice would be greatly appreciated
Thanks !!
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau
this isn't a cisco specific question, but as I couldn't find a generic networking forum I figured this would be a good place to start. I'm currently troubleshooting an application level problem where the vendor says that there is a transparent proxy (vendor has no access to the proxy or the network equipment). What I want to know is, if I run netstat (or wireshark) where would I see the TCP session to? To the transparent proxy or to the destination host (eg web server) ?
Part of me thinks it would be to the eventual host, given that the client doesn't know about the proxy. But part of me thinks it would have to be to the proxy, as part of the reason why an organisation would have a proxy would be (for example) so that they can restrict internet access on their firewalls, and therefore the tcp session would have to be to the proxy (because the required TCP port might not be open to the destination server).
The reason I'm putting this in a networking forum as opposed to a proxy forum is that I don't beleive transparent proxies work any differently to regular proxies (correct me if I'm wrong) and that it's actually the network config (policy based routing etc) that makes the proxy transparent. But I don't quiet understand how this affects/changes the TCP session - does the router/firewall/something else send an ICMP redirect back to the client ? Or Does the proxy somehow "proxy" the TCP handshake also so tha the client doens't know any better ? (personally I would have thought this wouldn't be allowed/possible)
Any advice would be greatly appreciated
Thanks !!
Irish Poetry - Karen O'Connor
Irish Poetry and Short Stories - Doghouse Books
Garten und Landschaftsbau