HPE Community
M and MSM Series
1752790 Members
6458 Online
108789 Solutions
New Discussion

Re: MSM760 zero configuration/proxy issue

 
Jerry_
Occasional Contributor

‎05-19-2012 05:46 AM

‎05-19-2012 05:46 AM

MSM760 zero configuration/proxy issue

Hi,

 

We are implementing a MSM760 in a school and users need to use a proxy in their browser to access the internet. There are actually a few different proxys which control content depending on the user.

 

We are authenticating via RADIUS and the problem we have is this:

 

How can we get the MSM760 to redirect to the login page if there is a proxy in the browser?

 

Notes:

  • Using zero configuration works to get us redirected up until we are authenticated and then of course we can't browse as it ignores the proxy.
  • With the proxy set in the browser, when we a re unauthenticated just gets us a PCBD.
  • With no proxy set in the browser we get redirected but then cannot browse.
  • We can workaround by removing the proxy, authenticating and then putting it back in but this is not suitable outside the testing environment.

 

Any help is much appreciated.

 

Thanks

0 Kudos
5 REPLIES 5
JesseR
Regular Advisor

‎05-21-2012 09:14 AM

‎05-21-2012 09:14 AM

Re: MSM760 zero configuration/proxy issue

What's a PCBD?

 

I have never run into this issue because only the guest VSC users HTML logon authentication and redirection in my environments, and those guest machines don't have a proxy address required.

 

Can you just remove the need for the internet to be proxied for devices coming from THAT particular VSC/network?  Or, can you put a proxy override/exception entry in for the page clients get redirected to using HTML auth?

 

J

Jesse R
Source One Technology, Inc.
HP Partner


MSM 5.7.x deployment guide:

0 Kudos
Jerry_
Occasional Contributor

‎05-21-2012 10:37 AM

‎05-21-2012 10:37 AM

Re: MSM760 zero configuration/proxy issue

Thanks for the reply Jesse,

 

PCBD = page cannot be displayed

 

The environment is a school so everything must go out via a proxy.

 

If we set the user's homepage to something internal and exclude it in the proxy settings this does redirect to auth page  but becomes a problem for all the guest users that have google as their homepage.

 

Also, if a guest user doesn't have a proxy set in the browser they get straight to auth page but then can't browse!

 

Maybe there isn't a solution that fits our needs but these MSM760 are used in lots of schools so I would have thought HP should have something to make it work.

0 Kudos
gglater
Regular Advisor

‎05-21-2012 10:47 AM

‎05-21-2012 10:47 AM

Re: MSM760 zero configuration/proxy issue

Please open a case with support so that you can get the information that you need.

 

Thanks.

 

--glen

0 Kudos
JesseR
Regular Advisor

‎05-21-2012 02:41 PM

‎05-21-2012 02:41 PM

Re: MSM760 zero configuration/proxy issue

Jerry,

I have many MSM760s in schools and they all have proxy/filter servers but I don't have this particular issue anywhere as most environments can be configured so you don't NEED to send web traffic outbound via proxy, but merely as an option.  We do this in schools with CIPA Filter, Lightspeed, and other filter appliances, etc.  I think perhaps maybe you have your firewall settings not allowing any web-outbound traffic unless its coming FROM the proxy itself?  I'd suggest looking at changing this setup to allow non-proxy internet traffic outbound FROM the network where your guests machines are VLAN'd to. 

 

Aside from that, another option is... I'm assuming this VSC is access controlled, yes?  If so, you should be able to go to the Attributes page in the MSM760 (I think under Public Access or something... I forgot off-hand) and change the built-in default Access Control Lists so traffic is allowed to the proxy server without requiring authetnication first.  That should also work I would think?    If you can't find the attributes page, let me know and I can send you a screenshot tomorrow.

 

J

 

Jesse R
Source One Technology, Inc.
HP Partner


MSM 5.7.x deployment guide:

0 Kudos
JesseR
Regular Advisor

‎06-09-2012 01:17 PM

‎06-09-2012 01:17 PM

Re: MSM760 zero configuration/proxy issue

Jerry,

 

I just found another setting that might be of help to you... Located under Controller -> Public Access -> Access Control.

 

(from help file) 

Support applications that use
HTTP/HTTPS proxy: Enable this option to allow the controller to support client stations that use application software (such as a web browser) configured to use a proxy server for HTTP and HTTPS, without reconfiguration of the application software.
When this feature is enabled, ensure that client stations:
Do not use a proxy server on ports 21, 23, 25, 110, 443, 8080, or 8090. To support ports 8080 and 8090, change the port settings under Public access > Web server > Ports.
Use the same proxy server address and port number for both HTTP and HTTPS.
Restrict proxy support to users authenticated via HTML: Enable this option to restrict proxy support to users who logged in via the public access login page. Proxy traffic from users authenticated via other methods is blocked.

 

HTH

 

J

Jesse R
Source One Technology, Inc.
HP Partner


MSM 5.7.x deployment guide:

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.