Configuring agents to communicate through a forward proxy
If your firewall rules do not allow outbound HTTPS connections to external hosts, you can configure monitoring agents to send traffic to a forward proxy. Edit the KDH_FORWARDPROXY environment variable to configure agents to communicate through the forward proxy.
About this task
When a forward proxy is used, agents first open a TCP connection with the proxy. Agents send an HTTP CONNECT request and the target endpoint (Monitoring server) URL to the forward proxy. Then, the forward proxy establishes a TCP connection with the target endpoint and sets up an HTTP or HTTPS tunneling session between the agent and the Monitoring server.
Note: Agents do not support authenticating proxies, which means the agent does not support logging on to a forward proxy by using a configured proxy user ID and password.
Procedure
-
Open the agent environment configuration file in a text editor:
-
Linux® or Unix®: For Monitoring Agents or Cloud APM V8 agents, open the <install_dir>/config/global.environment file. The
global.environmentfile configures all agents in the installation directory. For ITM V6 agents (IBM® Tivoli® Monitoring agents or ITCAM agents), open the <install_dir>/config/<pc>.environment file for each agent.Where <install_dir> is the installation directory of the agents, and <pc> is the agent product code.
-
Windows®: For 64-bit agents, open the <install_dir>\TMAITM6_x64\K<pc>ENV file. For 32-bit agents, open the <install_dir>\TMAITM6\K<pc>ENV file.
Where <pc> is the agent product code.
Configure the
K<pc>ENVfile for each agent. For a list of product codes, see Using agent commands.
-
-
Edit the KDH_FORWARDPROXY environment variable to specify the proxy address and port.
KDH_FORWARDPROXY=http://<proxy-address>:<proxy-port-number>Here is an example:
KDH_FORWARDPROXY=http://HostA:8085 -
Restart the agent to implement your changes. See Using agent commands.