Configuring TCP-UDP Proxy Servers
The TCP/UDP Proxy Servers table lets you configure up to 10 TCP/UDP proxy servers. This table allows you to configure the device as a proxy for other applications that are not based on HTTP. For example, it can be used to intermediate between clients and a DNS server for DNS lookup, or between clients and an NTP server for clock synchronization.
As the 'Bind To Device' feature (see Configuring HTTP Proxy Servers) is not available for TCP/UDP servers, if you are experiencing issues with routing relating to TCP/UDP servers, you should add static routes (see Configuring Static IP Routes) for these upstream servers.
The following procedure describes how to configure a TCP-UDP Proxy Server through the Web interface. You can also configure it through ini file [TcpUdpServer] or CLI (configure network > http-proxy > tcp-udp-server).
➢ | To configure a TCP/UDP Proxy Server: |
1. | Enable the HTTP Proxy application, as described in Enabling the HTTP Proxy Application. |
2. | Open the TCP/UDP Proxy Servers table (Setup menu > IP Network tab > HTTP Proxy folder > TCP/UDP Proxy Servers). |
3. | Click New; the following dialog box appears: |
4. | Configure a TCP/UDP Proxy Server according to the parameters described in the table below. |
5. | Click Apply, and then save your settings to flash memory. |
TCP/UDP Proxy Servers Table Parameter Descriptions
Parameter |
Description |
||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
General | |||||||||||||
'Index' [Index] |
Defines an index number for the new table row. Note:
|
||||||||||||
'Name' name [Name] |
Defines a descriptive name, which is used when associating the row in other tables. The valid value is a string of up to 40 characters. By default, no value is defined. Note:
|
||||||||||||
'Additional Directive Set' directive-set [AdditionalDirectiveSet] |
Assigns an NGINX Directive Set for the HTTP service. To configure HTTP Directive Sets, see Configuring HTTP Directive Sets. |
||||||||||||
Listen Parameters |
|||||||||||||
'Listening Interface' listen-interface [ListeningInterface] |
Assigns a local IP network interface for the listening (source) interface for communication with the TCP-UDP proxy server. To configure IP Interfaces, see Configuring IP Network Interfaces. By default, no value is defined. Note:
|
||||||||||||
'TCP Listening Port' tcp-port [TCPListeningPort] |
Defines the TCP port of the listening interface. Note:
|
||||||||||||
'UDP Listening Port' udp-port [UDPListeningPort] |
Defines the TCP port of the listening interface. Note:
|
||||||||||||
'Listen Side SSL' listen-use-ssl [ListenUseSSL] |
Enables TLS on the listening side (i.e., listening to incoming connection requests).
Note: The NGINX directive for this parameter is "listen ip:port ssl". |
||||||||||||
'Listen TLS Context' listen-tls-context [ListenTLSContext] |
Assigns a TLS Context (TLS certificate) for the listening side. This is required if you have configured the 'Listen Side SSL' parameter to Enable (see above). To configure TLS Contexts, see Configuring TLS Certificate Contexts. Note: The NGINX directives for this parameter is "ssl_certificate", "ssl_certificate_key", "ssl_ciphers", "ssl_protocols", and "ssl_password_file". |
||||||||||||
Upstream Parameters |
|||||||||||||
'Upstream Group' upstream-group [UpstreamGroup] |
Assigns a group of servers (Upstream Group) to which to forward connection requests. To configure Upstream Groups, see Configuring Upstream Groups. Note:
|
||||||||||||
'Outbound Interface' outbound-interface [OutboundInterface] |
Assigns a local, IP network interface for communicating with the Upstream Group. To configure IP network interfaces, see Configuring IP Network Interfaces. By default, no value is defined. Note:
|
||||||||||||
'Upstream Side SSL' upstream-use-ssl [UpstreamUseSSL] |
Enables TLS for securing connection requests with the Upstream Group.
Note:
|
||||||||||||
'Upstream TLS Context' upstream-tls-context [UpstreamTLSContext] |
Assigns a TLS Context for the TLS connection with the HTTP location. To configure TLS Contexts, see Configuring TLS Certificate Contexts. Note:
|
||||||||||||
'Upstream Verify Certificate' upstream-verify-cert [UpstreamVerifyCertificate] |
Enables TLS certificate verification of the Upstream Host on outgoing connection requests to the Upstream Group, when the connection is TLS.
Note:
|