Troubleshoot and Skip Authentication in Direct Proxy Mode

Hi!

We are currently migrating our Sophos UTM to a Sophos XGS (SFOS 20) and have some issues with the direct proxy mode.

We have to use this mode because we rely on per-connection authentication for multi-user hosts and content restrictions which can only be applied by the web proxy.

Now we are using some applications which cannot handle proxy authentication requests (status code 407). Is there a way to troubleshoot such requests?

We forward our UTM and XG firewall logs to a syslog server. In the UTM logs we can see these proxy authentication requests and can determine the problematic URLs. The XG logs do not show these authentication requests. The only workaround we have so far is to use tcpdump on the XG console. Is there a better way?

The second and serious problem is that we cannot skip this proxy authentication in direct proxy mode on the XG. This was possible on the UTM with exceptions.

When we use an Anybody activity in the web policy or even the Allow All web policy in the firewall rule, the client still gets a proxy authentication request (status code 407) when using the proxy directly.

We work around this issue by adding the desired URLs to the proxy exception list (in the Windows proxy settings via Group Policies). Is there a way to skip proxy authentication for specific URLs at the XG alone (like it worked for the UTM)?



Added TAGs
[edited by: Erick Jan at 8:12 AM (GMT -7) on 20 Mar 2024]
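
As an added example (not part of the original post and not Sophos tooling), one way to turn the tcpdump workaround described above into a list of destinations that received a 407: the script below pairs each proxy request with the next reply on the same flow. It assumes text saved from `tcpdump -A` on the proxy port with client-to-proxy traffic unencrypted; the addresses, port and hostnames in the sample are constructed.

```python
import re
from collections import Counter

# tcpdump header line: "<time> IP <src>.<sport> > <dst>.<dport>: Flags ..."
HDR = re.compile(r"^\S+ IP (\S+) > (\S+): ")
# Request line sent to a proxy: CONNECT host:port or a method with an absolute URI
REQ = re.compile(r"(CONNECT|GET|POST|PUT|HEAD|DELETE|OPTIONS|PATCH) (\S+) HTTP/1\.[01]")
# Status line of the proxy's reply
RESP = re.compile(r"HTTP/1\.[01] (\d{3}) ")

def targets_answered_407(dump_text):
    """Count request targets whose next proxy reply on the same flow was 407."""
    pending = {}            # (client, proxy) -> last request target seen on that flow
    hits = Counter()
    src = dst = None
    for line in dump_text.splitlines():
        m = HDR.match(line)
        if m:
            src, dst = m.groups()
            continue
        req = REQ.search(line)
        if req and src:
            pending[(src, dst)] = req.group(2)
            continue
        resp = RESP.search(line)
        if resp and src:
            # A reply travels proxy -> client, so look up the reversed flow
            target = pending.pop((dst, src), None)
            if target and resp.group(1) == "407":
                hits[target] += 1
    return hits

# Constructed sample in `tcpdump -A` layout (hosts, port and payloads are made up)
SAMPLE = """\
12:00:01.000001 IP 10.1.1.20.50112 > 10.1.1.1.3128: Flags [P.], length 119
E..w..@.@.....CONNECT updates.example.test:443 HTTP/1.1
12:00:01.000900 IP 10.1.1.1.3128 > 10.1.1.20.50112: Flags [P.], length 199
E.....@.@.....HTTP/1.1 407 Proxy Authentication Required
12:00:02.000001 IP 10.1.1.21.50300 > 10.1.1.1.3128: Flags [P.], length 119
E..w..@.@.....CONNECT updates.example.test:443 HTTP/1.1
12:00:02.000900 IP 10.1.1.1.3128 > 10.1.1.21.50300: Flags [P.], length 199
E.....@.@.....HTTP/1.1 407 Proxy Authentication Required
12:00:03.000001 IP 10.1.1.20.50113 > 10.1.1.1.3128: Flags [P.], length 90
E..Z..@.@.....GET http://intranet.example.test/ HTTP/1.1
12:00:03.000900 IP 10.1.1.1.3128 > 10.1.1.20.50113: Flags [P.], length 150
E.....@.@.....HTTP/1.1 200 OK
"""

if __name__ == "__main__":
    for target, count in targets_answered_407(SAMPLE).most_common():
        print(count, target)
```

Clients that handle proxy authentication also receive an initial 407 before retrying with credentials, so the targets of interest are those that never show a successful follow-up request.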