This article describes some of the methods of bypassing both transparent and non-transparent proxies.
Sometimes, a website or an application needs to be able to bypass the proxy. Depending on the type of setup and the device or application that needs to bypass the proxy, the solution might be different.
Bypassing the proxy is done in separate places, based on whether the bypass is for a non-transparent proxy or a transparent one. Often both proxy types are in use, so a bypass must be configured for each.
Bypassing a Non-Transparent Proxy
Adding proxy exceptions for a non-transparent proxy is done in the proxy settings distributed to the client. You can use a GPO to push proxy settings, PAC files and proxy auto discovery. See our knowledge base article, Using Transparent versus Non-Transparent Proxying.
Once exceptions have been added to the proxy settings for the client, exceptions might need to be made on the transparent proxy too.
Adding Exceptions for the Transparent Proxy
To ensure that traffic is not intercepted by the transparent proxy, source or destination, you must enter exceptions in Web filter Exceptions. See our help topic, Exempting devices from web filtering. Any IP address, range or subnet that is added to the destinations field means that web traffic going to those destinations will not be intercepted by the transparent proxy.
Conversely, any IP address, range or subnet added to the source exceptions, will not have any web traffic intercepted.
NOTE: Destination exceptions can only be done with an IP address in the transparent proxy exceptions.
Bypassing Proxy Completely for an IP Address
Devices like franking machines, printers etc might need to bypass the proxy completely. By using the source exceptions in Web filter Exceptions we can add IP addresses that will bypass the proxy and then reserve those IP addresses in DHCP for devices that need to bypass the proxy. See our help topic, Exempting devices from web filtering.
NOTE: When the proxy is bypassed, the firewall rules apply to the outgoing web traffic. Check the firewall rules to make sure that they are also allowing the sources/destination to have access.