{"id":809,"date":"2014-05-05T21:11:06","date_gmt":"2014-05-06T01:11:06","guid":{"rendered":"http:\/\/www.bhargavs.com\/?p=809"},"modified":"2014-05-05T21:11:06","modified_gmt":"2014-05-06T01:11:06","slug":"would-you-like-an-open-proxy-with-your-firewall","status":"publish","type":"post","link":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/","title":{"rendered":"Would you like an open proxy with your firewall?"},"content":{"rendered":"<blockquote>\n<p>UPDATED 5\/8\/2014: Cisco\/Meraki has updated their documentation to state that a separate firewall is needed to protect MX firewall configured in passthrough mode. However, their document still fails to state that enabling web caching in passthrough mode will make it an open web proxy.<\/p>\n<\/blockquote>\n<p>When I started working on our datacenter project, we had to decide what hardware we will use for network requirements, including which firewall to use for our needs. Given my previous experience with Cisco PIX and reputation of Cisco in networking world, I decided to go with Cisco Meraki MX series firewall. The idea was simple. Make management of firewall as easy as possible. With cloud management features offered by Meraki, it made a lot of sense to go with brand that is well recognized. What could go wrong, right?<\/p>\n<p>Well, it wasn\u2019t until I got a call from my datacenter manager who said my external IP address seemed to be spamming others and they have been getting complaints of abuse. At first, it was easy for me to dismiss this complaint as a spoof. Primarily because I hadn\u2019t setup any services on two of my servers that I happened to have just installed Windows Server OS on. I had applied all recent updates and left them at that. Eventually I will have servers running Lync server Edge role among other services which need public IP addresses assigned directly to them. Due to this requirement, I had decided to configure Meraki firewall in passthrough mode. Since I also wanted to reduce bandwidth usage where possible, I enabled web caching on Meraki as well.<\/p>\n<p>There is usually a detriment to write off a warning such as this and I happened to have fell for just that! That didn\u2019t last very long as more reports of abuse rolled in and datacenter folks reached out to me again. This time they again repeated that traffic appeared to be coming from IP address I had assigned to firewall. It did not make any sense because since firewall was in passthrough mode, servers must use their own public IP address if they wanted to connect to internet. I should be seeing a server IP if they were infected with malware. And why would firewall send traffic on its own if servers weren\u2019t sending it? This just got bizarre. I had not seen anything like this before.<\/p>\n<p>No matter how confident, I decided to shut down my servers leaving nothing to chance and started looking at traffic patterns systematically. Since I had only two servers, not configured with anything specific just yet, it was easy to shut them down. No production workloads, no users effected, easy! Now, I only had firewall up, nothing else. Well, network switches ofcourse but they had no IP that can communicate to outside since there was no NAT device in the environment.<\/p>\n<p>To my surprise, datacenter folks still saw outbound traffic! I had them capture traffic from their side, outside of my firewall. When I looked at the traffic capture in wireshark, I saw unknown IP addresses, making web requests and sending emails to different recipients using SMTP! It just didn\u2019t make sense. It looked as if the firewall itself was acting as a proxy. A wide open public proxy infact! How could a firewall do that without any clients connected to it? How can it generate traffic on its own?<\/p>\n<p>It certainly was time to get some answers. A call to Cisco Meraki was in order. Customer service was quick to respond. I got on the phone with a support engineer and explained the behavior. He was just as surprised as I was and mentioned he had never seen such bizarre behavior before. After looking around a little bit, we had ruled out VPN as no VPN had been configured. There wasn\u2019t much configured in terms of options because it was passthrough configuration. The only item that stood out was web caching. After a brief hold, engineer came back beaming instructions to disable web cache. And I obliged. We were keeping eye on bandwidth usage all the while which was pushing north of 12Mb\/s. That was a lot of traffic with no clients connected to firewall. As we disabled web caching, I saw the bandwidth graph fall off the cliff. It went from more than 12Mb\/s to almost zero! We had just found our culprit!<\/p>\n<p>It now was time for Cisco to come clean. I was told that since we didn\u2019t collect any data before switching web proxy off, the logs were effectively lost. However, SE offered to get back to me after some research, which I agreed to. After few hours, I received an email with verbatim I am going to include below:<\/p>\n<blockquote>\n<p>Because the MX was in pass-through mode with HTTP Content Caching enabled, the Caching engine was exposed to the outside internet effectively acting as an open web proxy, which was discovered by a 3rd party and utilized as such. Our documentation recommends that any MX device in passthrough mode be placed behind another NAT\/Firewall device in order to prevent scenarios like this one. I apologize for any confusion there may have been in this regard.<\/p>\n<\/blockquote>\n<p>So according to Cisco, by putting the firewall in passthrough mode and not protecting with YET ANOTHER firewall, I had made my firewall an open proxy that anyone in the world can connect to and do anything they wish on web!  <\/p>\n<p>Now, it is one thing if I had not read Meraki documentation but I am a believer of RTFM! I actually did read their documentation before implementing what I did and their documentation has NO mention of such behavior that I can find. Don\u2019t believe me? Take a look: <a title=\"https:\/\/docs.meraki.com\/pages\/viewpage.action?pageId=15728727\" href=\"https:\/\/docs.meraki.com\/pages\/viewpage.action?pageId=15728727\">https:\/\/docs.meraki.com\/pages\/viewpage.action?pageId=15728727<\/a>. So, despite claims by SE that their documentation recommends that an MX in passthrough mode be protected by another firewall device, their documentation falls short. The net net is someone like me who falls victim to an open proxy that they happened to have baked into their product. I can\u2019t wait to explain my bandwidth bill to my&nbsp; management at end of first month with no productivity from the environment at all. I am so looking forward to explaining why we were almost blacklisted by many ISPs with no servers working! Thanks Cisco!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>UPDATED 5\/8\/2014: Cisco\/Meraki has updated their documentation to state that a separate firewall is needed to protect MX firewall configured in passthrough mode. However, their document still fails to state [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"pgc_sgb_lightbox_settings":"","_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[24],"tags":[100,132,171,199,234],"class_list":["post-809","post","type-post","status-publish","format-standard","hentry","category-security","tag-cisco","tag-firewall","tag-meraki","tag-open-proxy","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground\" \/>\n<meta property=\"og:description\" content=\"UPDATED 5\/8\/2014: Cisco\/Meraki has updated their documentation to state that a separate firewall is needed to protect MX firewall configured in passthrough mode. However, their document still fails to state [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/\" \/>\n<meta property=\"og:site_name\" content=\"Bhargav&#039;s IT Playground\" \/>\n<meta property=\"article:published_time\" content=\"2014-05-06T01:11:06+00:00\" \/>\n<meta name=\"author\" content=\"Bhargav\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Bhargav\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/\"},\"author\":{\"name\":\"Bhargav\",\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#\\\/schema\\\/person\\\/28f6d8c9b29f3a879483d65fc2ab5e26\"},\"headline\":\"Would you like an open proxy with your firewall?\",\"datePublished\":\"2014-05-06T01:11:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/\"},\"wordCount\":1076,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#\\\/schema\\\/person\\\/28f6d8c9b29f3a879483d65fc2ab5e26\"},\"keywords\":[\"Cisco\",\"Firewall\",\"Meraki\",\"Open Proxy\",\"Security\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/\",\"url\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/\",\"name\":\"Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#website\"},\"datePublished\":\"2014-05-06T01:11:06+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/bhargavs.com\\\/index.php\\\/2014\\\/05\\\/05\\\/would-you-like-an-open-proxy-with-your-firewall\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/bhargavs.com\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Would you like an open proxy with your firewall?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#website\",\"url\":\"https:\\\/\\\/bhargavs.com\\\/\",\"name\":\"Bhargav's IT Playground\",\"description\":\"Passion for Technology. Power of Collaboration.\",\"publisher\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#\\\/schema\\\/person\\\/28f6d8c9b29f3a879483d65fc2ab5e26\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/bhargavs.com\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#\\\/schema\\\/person\\\/28f6d8c9b29f3a879483d65fc2ab5e26\",\"name\":\"Bhargav\",\"logo\":{\"@id\":\"https:\\\/\\\/bhargavs.com\\\/#\\\/schema\\\/person\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/bhargavs.com\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/","og_locale":"en_US","og_type":"article","og_title":"Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground","og_description":"UPDATED 5\/8\/2014: Cisco\/Meraki has updated their documentation to state that a separate firewall is needed to protect MX firewall configured in passthrough mode. However, their document still fails to state [&hellip;]","og_url":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/","og_site_name":"Bhargav&#039;s IT Playground","article_published_time":"2014-05-06T01:11:06+00:00","author":"Bhargav","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Bhargav","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/#article","isPartOf":{"@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/"},"author":{"name":"Bhargav","@id":"https:\/\/bhargavs.com\/#\/schema\/person\/28f6d8c9b29f3a879483d65fc2ab5e26"},"headline":"Would you like an open proxy with your firewall?","datePublished":"2014-05-06T01:11:06+00:00","mainEntityOfPage":{"@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/"},"wordCount":1076,"commentCount":0,"publisher":{"@id":"https:\/\/bhargavs.com\/#\/schema\/person\/28f6d8c9b29f3a879483d65fc2ab5e26"},"keywords":["Cisco","Firewall","Meraki","Open Proxy","Security"],"articleSection":["Security"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/","url":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/","name":"Would you like an open proxy with your firewall? - Bhargav&#039;s IT Playground","isPartOf":{"@id":"https:\/\/bhargavs.com\/#website"},"datePublished":"2014-05-06T01:11:06+00:00","breadcrumb":{"@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/bhargavs.com\/index.php\/2014\/05\/05\/would-you-like-an-open-proxy-with-your-firewall\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/bhargavs.com\/"},{"@type":"ListItem","position":2,"name":"Would you like an open proxy with your firewall?"}]},{"@type":"WebSite","@id":"https:\/\/bhargavs.com\/#website","url":"https:\/\/bhargavs.com\/","name":"Bhargav's IT Playground","description":"Passion for Technology. Power of Collaboration.","publisher":{"@id":"https:\/\/bhargavs.com\/#\/schema\/person\/28f6d8c9b29f3a879483d65fc2ab5e26"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/bhargavs.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":["Person","Organization"],"@id":"https:\/\/bhargavs.com\/#\/schema\/person\/28f6d8c9b29f3a879483d65fc2ab5e26","name":"Bhargav","logo":{"@id":"https:\/\/bhargavs.com\/#\/schema\/person\/image\/"},"sameAs":["https:\/\/bhargavs.com"]}]}},"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":44,"url":"https:\/\/bhargavs.com\/index.php\/2009\/01\/27\/physical-to-physical-server-migration-with-firewall-transversal\/","url_meta":{"origin":809,"position":0},"title":"Physical-to-Physical Server migration with Firewall Transversal","author":"Bhargav","date":"January 27, 2009","format":false,"excerpt":"A common tool that is used for X2P & X2V migrations is called PowerConvert from Platespin. Generally speaking the servers that are being migrated are put on the same internal network segment and therefore relatively easy to migrate. However, I wanted to examine how the process works if that is\u2026","rel":"","context":"In &quot;VMware&quot;","block_context":{"text":"VMware","link":"https:\/\/bhargavs.com\/index.php\/category\/technology\/virtualization\/vmware\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1687,"url":"https:\/\/bhargavs.com\/index.php\/2013\/01\/28\/vamt-unable-to-connect-to-wmi-service-on-remote-machine\/","url_meta":{"origin":809,"position":1},"title":"VAMT unable to connect to wmi service on remote machine","author":"Bhargav","date":"January 28, 2013","format":false,"excerpt":"If you are Microsoft\u2019s volume license customer or an MSDN subscriber, the question of tracking usage of your volume license activation may have surfaced. You may already know what Volume Activation Management Tool (VAMT) is. If you aren\u2019t, you can read more about it here. \u00a0 Since I often build\u2026","rel":"","context":"In &quot;Firewall&quot;","block_context":{"text":"Firewall","link":"https:\/\/bhargavs.com\/index.php\/category\/technology\/firewall\/"},"img":{"alt_text":"image","src":"https:\/\/i0.wp.com\/bhargavs.com\/wp-content\/uploads\/2013\/01\/image_thumb.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":1683,"url":"https:\/\/bhargavs.com\/index.php\/2012\/10\/05\/automatic-collection-of-configuration-data-failed\/","url_meta":{"origin":809,"position":2},"title":"Automatic collection of configuration data failed","author":"Bhargav","date":"October 5, 2012","format":false,"excerpt":"As I was building my Lync 2010 lab today, I came across an interesting problem. I am calling it interesting because I had already installed two front-end servers which were going to be in an enterprise pool. Now was the time to install SE in simulated multi-site environment. As I\u2026","rel":"","context":"In &quot;Firewall&quot;","block_context":{"text":"Firewall","link":"https:\/\/bhargavs.com\/index.php\/category\/technology\/firewall\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1684,"url":"https:\/\/bhargavs.com\/index.php\/2012\/10\/06\/test-csgroupim-operation-has-timed-out\/","url_meta":{"origin":809,"position":3},"title":"Test-CsGroupIm operation has timed out","author":"Bhargav","date":"October 6, 2012","format":false,"excerpt":"Yet another one of those interesting discoveries that took most of my afternoon to figure out. What I was trying this time was synthetic test cmdlets available to test different workloads in Lync Server 2010. I was testing IM conferencing. I had two users in this scenarios homed on different\u2026","rel":"","context":"In &quot;Firewall&quot;","block_context":{"text":"Firewall","link":"https:\/\/bhargavs.com\/index.php\/category\/technology\/firewall\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1664,"url":"https:\/\/bhargavs.com\/index.php\/2011\/04\/27\/how-revert-changes-made-by-enable-psremoting\/","url_meta":{"origin":809,"position":4},"title":"How to revert changes made by Enable-PSRemoting?","author":"Bhargav","date":"April 27, 2011","format":false,"excerpt":"Have you ever been in a situation where you have PowerShell Remoting enabled and you need to put the configuration back the way it was before Enable-PSRemoting was run? While it might seem that just running Disable-PSRemoting should suffice, it turns out to be a bit more work than you\u2026","rel":"","context":"In &quot;PowerShell&quot;","block_context":{"text":"PowerShell","link":"https:\/\/bhargavs.com\/index.php\/category\/microsoft\/powershell\/"},"img":{"alt_text":"image","src":"https:\/\/i0.wp.com\/bhargavs.com\/wp-content\/uploads\/2013\/03\/image_thumb.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]},{"id":1705,"url":"https:\/\/bhargavs.com\/index.php\/2013\/10\/21\/routing-for-hyper-v-lab-part-2\/","url_meta":{"origin":809,"position":5},"title":"Routing for Hyper-V Lab &#8211; Part 2","author":"Bhargav","date":"October 21, 2013","format":false,"excerpt":"In Part 1 of this article, we discussed how you can route between VMs on same host using networks connected to \u201cInternal\u201d virtual switch. Now let\u2019s look at how to route between VMs when your lab consists of more than one hosts. Obviously, what I am going to cover isn\u2019t\u2026","rel":"","context":"In &quot;Hyper-V&quot;","block_context":{"text":"Hyper-V","link":"https:\/\/bhargavs.com\/index.php\/category\/technology\/virtualization\/hyper-v\/"},"img":{"alt_text":"image","src":"https:\/\/i0.wp.com\/bhargavs.com\/wp-content\/uploads\/2013\/10\/image_thumb.png?resize=350%2C200&ssl=1","width":350,"height":200},"classes":[]}],"jetpack_shortlink":"https:\/\/wp.me\/pkROc-d3","_links":{"self":[{"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/posts\/809","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/comments?post=809"}],"version-history":[{"count":0,"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/posts\/809\/revisions"}],"wp:attachment":[{"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/media?parent=809"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/categories?post=809"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bhargavs.com\/index.php\/wp-json\/wp\/v2\/tags?post=809"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}