Summary
How to connect iOS devices to a proxy.
What is the best way to filter the Internet through it?
Problem
I want to use my iPad / iPhone or other iOS device through Smoothwall.
iPad and iPod devices can be challenging to get working through a proxy. There are however, a couple of things you can do though to get your iOS device to work through the filter and give users a safe, filtered, web experience.
Solution
Note: The instructions detailed here are only suitable for filtering web browser traffic on iOS devices. Traffic from applications downloaded from the App Store cannot use a proxy for authentication purposes, therefore the Smoothwall does not receive the user's credentials. It is recommended you "lock down" your devices to avoid seeing unfiltered traffic.
- Configure an authentication policy in Web proxy > Authentication > Policy wizard, where the authentication method is either:
- Redirect users to SSL login page (with session cookie): This is filtering by username. This will require your users to enter in their usernames and passwords, allowing them to be filtered according to your filtering rules as normal. (If you connect your Smoothwall to an Active Directory, they can use their AD usernames and passwords).
- Point your iPods and iPads to this proxy. iOS proxy settings on the iPad are located under the Settings menu > Wi-Fi settings on version 4 of iOS.
If you need to use proxy exceptions (required for those sites that cannot use a proxy or for browsing in general), you'll need to use a proxy.pac
file configuration with IP address and port number, as the iOS operating system does not support proxy exceptions when the proxy is configured manually. Using the proxy.pac
file is recommended if the SSL Login method is to be used.
If you have configured a transparent authentication policy:
- Export the HTTPS certificate from the Smoothwall Guardian > HTTPS inspection > Settings.
- Email the certificate to the email account linked to the iOS device.
- Open the certificate from the email.
- You will be prompted to install the certificate, choosing the appropriate authentication method.