How to completely block internet and allow specific websites with Proxy

NethServer Version: 7.8.2003
I have an OpenVPN Neth server setup which is configured to access specific websites and servers. With Firewall configurations alone, I could get the sites and servers that I’ve specified. When it comes to proxy, even though I have added categories and filters, a number of machines are able to access other public websites. This issue is mostly found in Windows 10 machines. On 98% of Ubuntu machines, proxy is working as expected. What could be the issue?




And Welcome to the NethServer Forum!

One simple thing when using a mandated proxy is often forgotten:
Do not allow any machine except your Proxy (NethServer) or other important Servers to directly access the Internet with Ports 80 and 443.
Access should be ONLY through the Proxy.
This needs to be set on your firewall!

Windows - all versions since 2000 until Windows 10 - will respect WPAD and Proxy. Linux and Mac will generally accept WPAD, but you need to set Automatic Discovery. Firefox allows this directly in the Browser, but it’s also possible on OS Level.
In Win10: Settings -> Network and Internet -> Proxy
The setting is on top: Automatic discovery… (Activate this)

Instead of “Transparent” you can use “Manual”. To use this in NethServer you need only a DNS Alias for the two:

-> This file is a simple textfile with some JS inside and can be edited as needed.
WPAD is quite powerful, see Google for some examples what’s possible.

These two tips should help…

My 2 cents

1 Like