This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How to connect to Sophos Central via proxy that requires authentication

Hi

We have just moved to a new Proxy system that requires authentication and our servers stopped communicating with Sophos Central and stopped downloading updates.

I have already checked https://community.sophos.com/kb/en-us/119263 and it will not work for us as we dont have an option to exclude particular sites from the proxy (or rather we cannot open our firewall for particular sites). I have noticed though an option for proxy credentials in config.xml file so I am wandering if we can use that to authenticate an endpoint to our proxy so it can communicate with Sophos Central and download updates.

Thanks

   



This thread was automatically locked due to age.
  • Hi Roman,

    In your Sophos Central account, you should have an option to configure proxies in the Global Settings area:

    Proxy Configuration

    Enable devices to connect to Sophos Central or download Sophos software updates through a proxy server
     
    This will allow you to input the proxy details, as well as any credentials that are required for authentication
     
    Stephen
  • Thanks for the reply Stephen

    And how can I apply it to the endpoint if it cannot get proxy settings from the Sophos Central as it needs proxy to communicate?

    Thanks 

  • Hi Roman,

    You can use the installer with command line arguments to specify the proxy and authentication: https://community.sophos.com/kb/en-us/127045 

    Once the endpoint has registered it will then pull down the proxy settings that you have specified in the account.

    Stephen

  • StephenMcKay said:

    Hi Roman,

    You can use the installer with command line arguments to specify the proxy and authentication: https://community.sophos.com/kb/en-us/127045 

    Once the endpoint has registered it will then pull down the proxy settings that you have specified in the account.

    Stephen

     

    Does that mean I will have to uninstall it on all endpoints?

  • Sorry, I overlooked the detail; you installed pre proxy. 

    I think you have a couple of options:

    1) bypass the proxy so that you can pick up the proxy information from Sophos Central

    2) re-install the agent using the command line arguments so that endpoints are able to reach Sophos Central via the authenticated proxy 

    It would be worth testing the installation option with one device and if that is successful continue to re-install devices

    Stephen

  • Not sure if I am doing it right - would that be a command:

    SophosSetup.exe --proxyaddress=proxyaddress.co.uk:8080 --proxyusername=domain\username --proxypassword=Mypassword

    ?

    Thanks

  • Hi Roman,

    I'll be honest, i've not tested with an authenticated proxy, but yes, that looks correct.

    Stephen

  • Roman Korchak said:

    Not sure if I am doing it right - would that be a command:

    SophosSetup.exe --proxyaddress=proxyaddress.co.uk:8080 --proxyusername=domain\username --proxypassword=Mypassword

    ?

    Thanks

     

    Did this command with running TCPView and noticed that Setup is still trying to talk directly to the internet ( https-172-79-251-10.lcy.llnw.net:https) rather than via proxy

  • What does your install log show?

    Testing this mine shows:

     

    2018-04-04T12:55:06.7462315Z INFO : Attempting to connect using proxy 'proxyserver:8080' of type 'Proxy'.

    2018-04-04T12:55:06.7462315Z INFO : Set security protocol: 00000800

    2018-04-04T12:55:06.7462315Z INFO : Opening connection to downloads.sophos.com

    2018-04-04T12:55:06.7462315Z INFO : Opened connection to downloads.sophos.com

    2018-04-04T12:55:06.7462315Z INFO : Request content size: 0

    2018-04-04T12:55:06.8719892Z INFO : Sending request

    2018-04-04T12:55:06.8868942Z INFO : Request sent

    2018-04-04T12:55:07.2618615Z INFO : Response status code: 200

    2018-04-04T12:55:07.2618615Z INFO : Response data size: 1674811

  • I checked the install log and found the following error:

    Failed to connect using proxy 'ourproxyserveraddress:8080' with error: Bad response from new connection: status code=407

    which, I believe, means "Proxy authentication required" although I am definitely providing a correct user name and password in a command.