Enabling IDex Multiple Proxy support

Article #:

Product:

Castle:

 

ID Indexing System (IDex)

Leeds onward

Problem

Ability to apply IDex Client multiple upstream Smoothwall proxies.

Summary:

IDex Client multiple proxy functionality has been added with the Leeds release of Smoothwall enabling the definition of multiple upstream Smoothwall proxies.

In addition, State reflection functionality enables the IDex Client to determine whether a proxy can be contacted, if it fails, the service will cease listening on that port and, if appropriate configuration is in place, will failover to the next proxy.

Note: Multiple Proxy and State Reflection features are configured separately, and are not inter-dependent. However, it is unlikely that the Multiple Proxy feature will be utilized without State Reflection.

Solution:

Multiple Proxy Configuration

Configuration of multiple proxies is achieved by adding a comma separated entry of the hosts and ports in the IDex Client configuration. Entries in the comma-separated list are matched together, so the first host aligns with the first port, the second host with the second port, and so on. For example:

Windows configuration:

Host configuration: 192.168.0.1, 192.168.0.2, 192.168.0.3

Port configuration: 1080, 3128, 4444

Defines three proxies: 192.168.0.1:1080, 192.168.0.2:3128, and 192.168.0.3:4444

Each proxy is assigned a local listening port, incrementally for each proxy based on the default listening port. For example, if the listening port default is port 8080, each of the three defined proxies, shown above, will be listening on local ports 8080, 8081 and 8082 respectively.

Note: The listening port default is only configurable via registry settings.

Note: IDex Client will record a separate Event Log message for each local listening port that is set up.

macOS configuration:

Host configuration: 192.168.0.1, 192.168.0.2, 192.168.0.3

Port configuration: 1080, 3128, 4444

Listening port configuration: 8080, 8081, 8082

Defines three proxies: 192.168.0.1:1080, 192.168.0.2:3128, and 192.168.0.3:4444

Each proxy is assigned a local listening port, assigned using the comma separated Listening port configuration list. For example, the three defined proxies, shown above, will be listening on local ports 8080, 8081 and 8082 respectively.

Note: IDex Client will record a separate Event Log message for each local listening port that is set up.

State Reflection

The local listening ports, for each configured proxy, will be checked for contactability of the Smoothwall every 90 seconds. If the Smoothwall is found to be unreachable, IDex Client will cease listening on that port (connection attempts will receive “Connection refused”). This state will be logged to the system Event Log. Once the browser detects that the local port is unreachable and, if appropriate configuration is in place, it will failover to the next proxy.

Once the IDex Client has determined the Smoothwall is reachable again, it will resume listening on its associated local port, and the re-availability of the Smoothwall is logged in the Event Log.

Note: Use of State Reflection is not logged to the Event Log.

Enabling State Reflection:

Note: State Reflection functionality is not enabled by default

Windows configuration:

To enable State Reflection, add a DWORD value called “EnableStateReflection” with the value of '1' on the following registry key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\IDexClient\Parameters

The service will need to be restarted for the change to take effect.

Note: State Reflection is not configurable in the installer. It must be manually configured in the system registry, or deployed using a registry Group Policy.

macOS configuration:

To enable State Reflection, add a DWORD value called “EnableStateReflection” with the value of '1' on the file:

/Library/Application Support/IDex Client/idexclient.plist

The service will need to be restarted for the change to take effect.

 

Attribution:

Last updated:

Author:

Contributions by:

18 December 2017

Martin Tookey

 

 


Copyright © 2000-2018 Smoothwall All rights reserved.