How Traffic is Directed to Umbrella's Secure Web Gateway

Overview

This article covers how traffic is directed to Umbrella's Secure Web Gateway (SWG) for the following deployments: Cloud-Delivered Firewall (IPsec Tunnel), AnyConnect Secure Web Gateway Module and PAC file.

Cloud-Delivered Firewall

IPsec Tunnels created to Umbrellas Cloud-Delivered Firewall (CDFW) will automatically forward traffic on ports 80 and 443 to the SWG.

In the dashboard reports, the Proxy logs will show the URL e.g https://cisco.com. The IP and port number will be shown in the firewall logs (e.g 72.163.4.161:443).

AnyConnect Secure Web Gateway Module

The AnyConnect SWG Module sends traffic received on ports (80/8080 and 443/3128) to the SWG on ports 80 and 443, respectively.

PAC File

For PAC file deployments, any HTTP and HTTPS traffic will be sent to the SWG. The SWG will connect to ports 80 or 443 dependant on the type of traffic HTTP/HTTPS.

Articles in this section

Overview

Cloud-Delivered Firewall

AnyConnect Secure Web Gateway Module

PAC File

Comments

Articles in this section

Overview

Cloud-Delivered Firewall

AnyConnect Secure Web Gateway Module

PAC File

Related articles