Hi Experts,

I have a service that interact with google which is working fine but as our system are getting update we are getting rid of network proxies hence I would need to how to access internet based service from a DataPower appliance after getting rid of the proxy setting made in user agent of the xml manger of mpgw, and also  basic auth based upon url match condition 

Thanks 
Avinash

------------------------------
Avinash Mohan Vundale
------------------------------

Avinash,

If you are getting rid of network proxies, as long as your DNS settings resolve to a tree visible to the internet at large, you shouldn't need to worry.

To setup basic auth by URL, just define your Basic Authentication settings in the User Agent associated with the XML Manager associated with your service.  YOu can add mutliple entries and use different information.

Be careful about your Validation Credential if you are using one, google updates their certificates every 90 days or so.

------------------------------
Joseph Morgan
------------------------------

Original Message:
Sent: Fri July 22, 2022 08:16 AM
From: Avinash Mohan Vundale
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Hi Experts,

I have a service that interact with google which is working fine but as our system are getting update we are getting rid of network proxies hence I would need to how to access internet based service from a DataPower appliance after getting rid of the proxy setting made in user agent of the xml manger of mpgw, and also  basic auth based upon url match condition 

Thanks 
Avinash

------------------------------
Avinash Mohan Vundale
------------------------------

Hi Joseph,

I am unable to establish connectivity to google even after adding the certificate an key newly generated in to the ssl profile that I had created.

I am stilling getting below eero message from my system logs.

mpgw (GoogleService_MPGW): Network Error (Connection hangup) on Back interface (URL: https://www.google.com/recaptcha/api/siteverify) when sending the request to the back server (URL: https://www.google.com/recaptcha/api/siteverify).

Thanks and Regards,

Avinash

------------------------------
Avinash Mohan Vundale
------------------------------

Original Message:
Sent: Fri July 22, 2022 09:33 AM
From: Joseph Morgan
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Avinash,

If you are getting rid of network proxies, as long as your DNS settings resolve to a tree visible to the internet at large, you shouldn't need to worry.

To setup basic auth by URL, just define your Basic Authentication settings in the User Agent associated with the XML Manager associated with your service.  YOu can add mutliple entries and use different information.

Be careful about your Validation Credential if you are using one, google updates their certificates every 90 days or so.

------------------------------
Joseph Morgan

Original Message:
Sent: Fri July 22, 2022 08:16 AM
From: Avinash Mohan Vundale
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Hi Experts,

I have a service that interact with google which is working fine but as our system are getting update we are getting rid of network proxies hence I would need to how to access internet based service from a DataPower appliance after getting rid of the proxy setting made in user agent of the xml manger of mpgw, and also  basic auth based upon url match condition 

Thanks 
Avinash

------------------------------
Avinash Mohan Vundale
------------------------------

OK.  Two things.  I'm not sure why you say you generated a new key and cert into an SSL Profile.  Is the recaptcha at Google using mutual authentication (I seriously doubt it).  At most, capture the certificate from google (it is their wildcard) and use it within your validation credential of a Client profile (no need for the key) if you want to verify the cert exactly.  But since that wildcard seems to expire in short cycles, maybe consider using the Google Trust Services LLC and validate the issuer.

Either way, the hangup is from the back interface, so Google is hanging up for some reason.  Are you sending the input secret to the recaptcha service?


------------------------------
Joseph Morgan
------------------------------

Original Message:
Sent: Sat July 23, 2022 07:28 AM
From: Avinash Mohan Vundale
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Hi Joseph,

I am unable to establish connectivity to google even after adding the certificate an key newly generated in to the ssl profile that I had created.

I am stilling getting below eero message from my system logs.

mpgw (GoogleService_MPGW): Network Error (Connection hangup) on Back interface (URL: https://www.google.com/recaptcha/api/siteverify) when sending the request to the back server (URL: https://www.google.com/recaptcha/api/siteverify).

Thanks and Regards,

Avinash

------------------------------
Avinash Mohan Vundale

Original Message:
Sent: Fri July 22, 2022 09:33 AM
From: Joseph Morgan
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Avinash,

If you are getting rid of network proxies, as long as your DNS settings resolve to a tree visible to the internet at large, you shouldn't need to worry.

To setup basic auth by URL, just define your Basic Authentication settings in the User Agent associated with the XML Manager associated with your service.  YOu can add mutliple entries and use different information.

Be careful about your Validation Credential if you are using one, google updates their certificates every 90 days or so.

------------------------------
Joseph Morgan

Original Message:
Sent: Fri July 22, 2022 08:16 AM
From: Avinash Mohan Vundale
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Hi Experts,

I have a service that interact with google which is working fine but as our system are getting update we are getting rid of network proxies hence I would need to how to access internet based service from a DataPower appliance after getting rid of the proxy setting made in user agent of the xml manger of mpgw, and also  basic auth based upon url match condition 

Thanks 
Avinash

------------------------------
Avinash Mohan Vundale
------------------------------

Thanks for this information

------------------------------
Amit Biswas
------------------------------

Original Message:
Sent: Fri July 22, 2022 09:33 AM
From: Joseph Morgan
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Avinash,

If you are getting rid of network proxies, as long as your DNS settings resolve to a tree visible to the internet at large, you shouldn't need to worry.

To setup basic auth by URL, just define your Basic Authentication settings in the User Agent associated with the XML Manager associated with your service.  YOu can add mutliple entries and use different information.

Be careful about your Validation Credential if you are using one, google updates their certificates every 90 days or so.

------------------------------
Joseph Morgan

Original Message:
Sent: Fri July 22, 2022 08:16 AM
From: Avinash Mohan Vundale
Subject: How to connect to Google from DMZ datapower device. when there is no need to add proxy and update DNS entries.

Hi Experts,

I have a service that interact with google which is working fine but as our system are getting update we are getting rid of network proxies hence I would need to how to access internet based service from a DataPower appliance after getting rid of the proxy setting made in user agent of the xml manger of mpgw, and also  basic auth based upon url match condition 

Thanks 
Avinash

------------------------------
Avinash Mohan Vundale
------------------------------