HTTPS Inspection ignores HTTPS traffic via proxy with authentication

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk101166
Technical Level
Product	HTTPS Inspection
Version	R75.40 (EOL), R75.40VS (EOL), R75.45 (EOL), R75.46 (EOL), R75.47 (EOL), R76 (EOL), R77 (EOL), R77.10 (EOL), R77.20 (EOL), R77.30 (EOL)
OS	Gaia, SecurePlatform 2.6
Platform / Model	All
Date Created	07-Jun-2014
Last Modified	21-Jul-2021

Symptoms

HTTPS traffic via proxy with NTLM authentication is not inspected by HTTPS Inspection and is bypassed.
HTTPS traffic via proxy with Kerberos authentication is not inspected by HTTPS Inspection and is bypassed.

Cause

This is an HTTPS Inspection limitation.

In case of proxy with NTLM Authentication, the reply to Security Gateway's "connect" request is "407 Proxy Authentication Required", so Security Gateway short-circuits the connection. As a result, HTTPS Inspection is not enforced.

Solution

Note: To view this solution you need to Sign In .