Bypassing for Internal Servers
This option allows clients to access specific internal servers directly. You might choose this setup if you want to let users access internal web pages without routing requests through the appliance. When based on the Explicit Deployment, this option does the following:
- Inspects HTTP, HTTPS, and FTP over HTTP traffic.
- Supports individual user opt-outs.
- Requires configuration for all clients.
- If it fails, all clients must be reconfigured, although clients can be configured to bypass the Web Appliance should it fail.
Operation

- Users’
HTTP, HTTPS, and FTP requests are examined by the PAC script
or similar configuration and forwarded to the appropriate server: the Web Appliance
or another server
.
- When requests are forwarded to the Web Appliance, it
assesses the URLs, blocks disallowed requests, checks if allowed URL requests are currently cached, and passes URL requests that are not cached through the firewall
to retrieve them from the internet
.
Note Port 80, port 443, and port 21 requests from usersare blocked at the firewall
; URLs are only accepted by the firewall
if they are from the Web Appliance
.
- The Web Appliance
receives any new pages or files and caches them; it passes the pages or files of allowed requests back to the users
.
- The users
receive only safe and allowed pages and files or a notification page.
Configuration