Identifying global proxy clients and devices
- Create a web proxy authentication policy for the Global Proxy using NTLM. See the help topic, Creating authentication policies.
- Set the Global Proxy devices' internal proxy settings to point to the externally resolvable host name of the Smoothwall that resolves to the external IP address of the Smoothwall, and the port number used for the Global Proxy using NTLM authentication policy. For example: https://mysmoothwall.com/800. This must be on HTTPS and not HTTP.
- Add the external address of the Smoothwall to the devices' internal proxy exception lists. This ensures that the certificate validation requests aren't proxied.
- On the WEB PROXY menu, under the Global Proxy submenu, click Settings.
- Under the Device identification section, from the Device Identification option:
- To use a global proxy certificate:
To use a secure URL:
- Select "Client supplied certificate" and if a password is needed, enter it into the Certificate password box.
- Click Download certificate.
- Copy this certificate into the relevant devices' internal storage and import it into the browsers.
To use no identification:
- Select "Secure URL" and in the Query string text box that appears, enter the string that you want.
- To make sure that device identification is done immediately after opening the browser, set the Global Proxy devices' browser homepage to: https://<Smoothwall_external_address>:62444/?<Query_string>, where: Smoothwall_external_address is externally resolvable hostname of the Smoothwall and Query_string is the secure URL string configured. For example, https://192.168.0.1:62444/?Hhfbn97Zy.
Click Save changes.
- Select "No identification (Open proxy)".