The Content Gateway ARM

The ARM inspects incoming packets before a routing decision is made and redirects the packets to Content Gateway for processing.

The ARM uses iptables, policy routing, and transparent sockets configured during product installation. The installation process also creates redirection rules to intercept packets. The ARM is always active.

To ensure that the proxy can serve HTTP, HTTPS, FTP, and DNS requests transparently, verify the redirection rules in the ipnat.conf file and edit them if necessary.

  • If you are using WCCP for transparent interception, there must be a redirection rule for every port in every active service group.
  • Rules for standard ports are included by default.

To review and edit the ARM redirection rules:

Steps

  1. Log on to the Content Gateway manager and go to the Configure > Networking > ARM > General tab.
  2. Verify the Redirection Rules (taken from the ipnat.conf file) and make any needed changes. To change a redirection rule:
    1. Click Edit File to open the configuration file editor for the ipnat.conf file.
    2. Select the rule you want to edit and modify the appropriate fields.
    3. Click Set and then click Apply to apply your changes.
    4. Click Close to exit the configuration file editor.

      All fields are described in ARM.

  3. If you have made any changes, go to the Configure > My Proxy > Basic > General tab and click Restart.