notempty
Exceptions for applications that cannot authenticate themselves.
Last adaptation to the version: 11.7
- New:
- Article adaptation
- Translation
- Corrected error in Regex format
Previous versions: -
Introduction
This guide explains in which case authentication exceptions are used and how they can be stored in the proxy.
What are authentication exceptions used for?
Authentication exceptions are often required in connection with virus scanners or other programs that do not support NTLM authentication. In order for these programs to be able to communicate with the Internet despite this, it must be defined in the proxy that the requested URL can be called without previous authentication.
Example
A computer in the internal network cannot load Windows updates.
The entry status="407", appears in the log under the heading
Exception for subdomains
To exclude a website from the authentication exceptions, the URL must be entered as a regex in the list.
The default entries .*\.ikarus\.at and .*\.mailsecurity\.at are required for our solution Securepoint Antivirus Pro.
| Regex | Exception from the authentication for |
|---|---|
| .*download\.windowsupdate\.com | all subdomains of windowsupdate.com ending in download all subdomains of download.windowsupdate.com |
| updateserver\.anyideas\.de | One dedicated address |
| .*\.update\.microsoft\.com | all subdomains of a website |
| fe[0-9]\.update\.microsoft\.com | fe0.update.microsoft.com fe1.update.microsoft.com fe2.update.microsoft.com . . fe9.update.microsoft.com |
Further notes on regex notation can be found in this Wiki article.
Examples of exceptions for Windows update servers
Further examples for setting up authentication exceptions, virus scanners, web filters and SSL interception regarding Windows Updates can be found in the Knowledge Base article Windows Updates with HTTP-Proxy and Web Filter