FortiGate
ppatel
Staff
Article Id 196947
Description
This article describes how to enable multiple outgoing IP addresses for the explicit web proxy.
Solution

To configure multiple outgoing IP addresses for the explicit web proxy, configure them as secondary IP addresses on the external interface used for outgoing traffic.

Here is a step-by-step guide:

1) Configure multiple secondary IP addresses.

#config system interface
    edit "port1"
        set vdom "root"
        set ip 10.1.1.73 255.255.252.0
        set allowaccess ping https ssh http telnet
        set type physical
        set snmp-index 1
        set secondary-IP enable
        config secondaryip
            edit 1
                set ip 10.1.0.214 255.255.252.0
            next
            edit 2
                set ip 10.1.0.215 255.255.252.0
            next
        end
    next
end

2) Enable multiple outgoing IP addresses in the explicit web-proxy settings.

#config web-proxy explicit
    set status enable
    set http-incoming-port 8080
    set outgoing-ip 10.1.0.214 10.1.0.215
end

Note: If an outgoing-ip is not configured on any interface, the following message is shown on the CLI. In this example, the IP addresses 1.1.1.1 and 2.2.2.2 are not configured on any interface:

conf web-proxy explicit
   set outgoing-ip 1.1.1.1 2.2.2.2
No manual addressing interface has this IP address  <<<<<<
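A pre-change check for the condition in the note above, as an added example (not Fortinet's code): it parses configuration text in the format shown in this article and lists any outgoing-ip that is not a primary or secondary address on an interface. The function name, the sample text and the address 10.1.0.216 are constructed for illustration, and the check only approximates what FortiOS itself validates.

```python
import re

# Constructed sample: the article's two config blocks, with one extra
# outgoing-ip (10.1.0.216) that is deliberately not set on any interface.
SAMPLE_CONFIG = """\
config system interface
    edit "port1"
        set ip 10.1.1.73 255.255.252.0
        set secondary-IP enable
        config secondaryip
            edit 1
                set ip 10.1.0.214 255.255.252.0
            next
            edit 2
                set ip 10.1.0.215 255.255.252.0
            next
        end
    next
end
config web-proxy explicit
    set status enable
    set outgoing-ip 10.1.0.214 10.1.0.215 10.1.0.216
end
"""

def audit_outgoing_ips(config_text):
    """Return (interface_ips, outgoing_ips, missing) for a config dump."""
    interface_ips, outgoing_ips = {}, []   # interface_ips maps ip -> port
    section, depth, iface = None, 0, None  # depth counts nested config blocks
    for line in (raw.strip() for raw in config_text.splitlines()):
        if line.startswith("config "):
            if depth == 0:
                section = line[len("config "):]
            depth += 1
        elif line == "end":
            depth -= 1
            if depth == 0:
                section = None
        elif section == "system interface":
            if depth == 1 and line.startswith("edit "):
                iface = line[5:].strip('"')
            match = re.match(r"set ip (\d+\.\d+\.\d+\.\d+) ", line)
            if match:  # primary (depth 1) or secondaryip (depth 2) address
                interface_ips[match.group(1)] = iface
        elif section == "web-proxy explicit" and line.startswith("set outgoing-ip "):
            outgoing_ips = line.split()[2:]
    missing = [ip for ip in outgoing_ips if ip not in interface_ips]
    return interface_ips, outgoing_ips, missing
```

Calling `audit_outgoing_ips(SAMPLE_CONFIG)` reports 10.1.0.216 as missing, which is the address that would trigger the CLI message above.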

 

To verify that both IP addresses are being used for outgoing traffic, run the sniffer command with the interface name, verbose level 4, an infinite packet count (0) and absolute local time (l).

diag sniffer packet port1 'host 10.1.0.214' 4 0 l

diag sniffer packet port1 'host 10.1.0.215' 4 0 l

