Skip to main content
rajamanickam
rajamanickam
Explorer II
May 11, 2022
Solved

Application detection for a proxy traffic

  • May 11, 2022
  • 3 replies
  • 2762 views

Hi,

  In my scenario, I have one branch and one hub. My proxy server is on the Hub side. End client in branch uses proxy server for internet access. At branch, I want to do internet application steering between two links. Since I am using proxy server for internet access, whether application sensor can detect the application and do traffic steering or this traffic cant be detected with actual application (Example - Gmail) instead it detects this as proxy.http application.  Any one has come across this situation and what is the solution to do application based steering in the proxy server scenario.

 

(This is SDWAN Hub and spoke solution)

Regards

Raja

Best answer by pminarik

I'm afraid I will have to throw a wrench into your plans. Application-based steering wouldn't help you even if the App detection worked.

 

Application-based steering in SD-WAN is implemented as dynamically created and updated ISDB entries (destination IP X + port Y =>  Application Z). Since all of your traffic has the same destination IP:port (the proxy), all of it would always be treated as the most recently identified application, thus rendering any attempts to do per-app steering pointless.

3 replies

seshuganesh
Staff
seshuganesh
Staff
May 12, 2022

I believe all the traffic will be detected as proxy.

so i dont think we can steer applications based on different applications.

Lets wait for our team mates confirmation on this

akristof
Staff
akristof
Staff
May 12, 2022

Hi,

from routing point of view, traffic will be detected only as proxy. So you can use sdwan rule and load-balance traffic to proxy server, but not traffic that is inside the proxy.

    pminarik
    Staff
    pminarikAnswer
    Staff
    May 12, 2022

    I'm afraid I will have to throw a wrench into your plans. Application-based steering wouldn't help you even if the App detection worked.

     

    Application-based steering in SD-WAN is implemented as dynamically created and updated ISDB entries (destination IP X + port Y =>  Application Z). Since all of your traffic has the same destination IP:port (the proxy), all of it would always be treated as the most recently identified application, thus rendering any attempts to do per-app steering pointless.

      rajamanickam
      rajamanickamAuthor
      Explorer II
      May 23, 2022

      Thank you Adrian and pminarik

      Terms & ConditionsAccessibility statement