Configure a Connector to use a proxy server

If your corporate policies require you to use a proxy server for all communication to the internet, then you need to configure your Connectors to use that proxy server. If you didn’t configure a Connector to use a proxy server during installation, then you can configure the Connector to use that proxy server at any time.

BlueXP supports HTTP and HTTPS. The proxy server can be in the cloud or in your network.

Configuring the Connector to use a proxy server provides outbound internet access if a public IP address or a NAT gateway isn’t available. This proxy server provides only the Connector with an outbound connection. It doesn’t provide any connectivity for Cloud Volumes ONTAP systems.

If Cloud Volumes ONTAP systems don’t have an outbound internet connection to send AutoSupport messages, BlueXP automatically configures those Cloud Volumes ONTAP systems to use a proxy server that’s included with the Connector. The only requirement is to ensure that the Connector’s security group allows inbound connections over port 3128. You’ll need to open this port after you deploy the Connector.

Enable a proxy on a Connector

When you configure a Connector to use a proxy server, that Connector and the Cloud Volumes ONTAP systems that it manages (including any HA mediators), all use the proxy server.

Note that this operation restarts the Connector. Ensure that the Connector isn’t performing any operations before you proceed.

Steps

  1. In the upper right of the BlueXP console, select the Settings icon, and select Connector Settings.

    A screenshot that shows the Settings icon in the upper right of the BlueXP console.

  2. Under General, select HTTP Proxy Configuration.

  3. Set up the proxy:

    1. Select Enable Proxy.

    2. Specify the server using the syntax http://address:port or https://address:port

    3. Specify a user name and password if basic authentication is required for the server

    4. Select Save.

      Note BlueXP doesn’t support passwords that include the @ character.

Enable direct API traffic

If you configured a Connector to use a proxy server, you can enable direct API traffic on the Connector in order to send API calls directly to cloud provider services without going through the proxy. This option is supported with Connectors that are running in AWS, in Azure, or in Google Cloud.

If you disabled the use of Azure Private Links with Cloud Volumes ONTAP and are using service endpoints instead, then you must enable direct API traffic. Otherwise, the traffic won’t be routed properly.

Learn more about using an Azure Private Link or service endpoints with Cloud Volumes ONTAP

Steps

  1. In the upper right of the BlueXP console, select the Settings icon, and select Connector Settings.

    A screenshot that shows the Settings icon in the upper right of the BlueXP console.

  2. Under General, select Support Direct API Traffic.

  3. Select the checkbox to enable the option and then select Save.