Aller à :navigation, rechercher
Wiki

HTTP-Proxy Authentication exceptions

De Securepoint Wiki





























In dieser Seite werden die Variablen für unterschiedliche Sprachen definiert.
Diese Seite wird auf folgenden Seiten eingebunden









The status 407 describes that the proxy requires authentication.























Last adaptation to the version: 14.1.1(11.2025)

New:
  • HTTP proxy profiles added
  • Updated to Redesign of the webinterface
notempty
This article refers to a Beta version
Access: UTM-IP:Port or UTM-URL:Port
Port as configured at Network / Appliance Settings / Webserver
Default-Port: 11115
i.e.: https://utm.ttt-point.de:11115
Default: https://192.168.175.1:11115 Applications HTTP Proxy

Introduction

This guide explains in which case authentication exceptions are used and how they can be stored in the proxy.
Infoschaltfläche

What are authentication exceptions used for?

Authentication exceptions are often required in connection with virus scanners or other programs that do not support NTLM authentication. In order for these programs to be able to communicate with the Internet despite this, it must be defined in the proxy that the requested URL can be called without previous authentication.

Example

LOG entry

A computer in the internal network cannot load Windows updates.
The entry status="407", appears in the log under the heading Only display application and kernel messages

Exception for subdomains

To exclude a website from the authentication exceptions, the URL must be entered as a regex in the list.
The default entries \.ikarus\.at and \.mailsecurity\.at are required for our solution Securepoint Antivirus Pro. 		HTTP-Proxy UTMuser@firewall.name.fqdnApplications HTTP-Proxy Log 42
notempty
New as of v14.1.1
Edit Click on the corresponding button to edit the desired profile.
Caption Value Description
|| Ein ||
Caption Regex Exception from the authentication for
».*download\.windowsupdate\.com all subdomains of windowsupdate.com ending in download
all subdomains of download.windowsupdate.com
» updateserver\.anyideas\.de One dedicated address
»\.update\.microsoft\.com | all subdomains of a website
»fe[0-9]\.update\.microsoft\.com fe0.update.microsoft.com
fe1.update.microsoft.com
fe2.update.microsoft.com
[...]
fe9.update.microsoft.com


Further notes on regex notation can be found in this Wiki article.
The default entries are available for a new UTM installation from v12.5. If an existing UTM before v12.5 is updated, the entries remain as .*\.ikarus\.at and .*\.mailsecurity\.at

Examples of exceptions for Windows update servers

Further examples for setting up authentication exceptions, virus scanners, web filters and SSL interception regarding Windows Updates can be found in the Knowledge Base article Windows Updates with HTTP-Proxy and Web Filter

Récupérée de "https://wiki.securepoint.de/index.php?title=UTM/APP/HTTP_Proxy-Authentifizierungsausnahmen&oldid=102418"