Skip to main content
luca1994
luca1994
Explorer III
November 4, 2024
Solved

FortiProxy - how to configure no auth for specific application

  • November 4, 2024
  • 3 replies
  • 2788 views

Hi all,

I am working on a test machine configured to access the Internet via a proxy PAC script set to FortiProxy. At the moment, when I open the browser, the proxy authentication banner appears correctly; by entering the domain credentials, I can browse without problems.

Now, however, I need to configure FortiProxy so that Microsoft Teams can bypass authentication. The goal is to allow Teams to run without requiring proxy authentication, while for other services the proxy login request should continue to work as it does now.

 

What are the methods for doing this?

 

Thanks in advance for the support

BR

Best answer by saleha

Hi Luca,

 

Technically with the use of pac file you can force this behaviour of no authentication by editing the pac file I believe but it would be a white list kind of configuration. If the goal is to never authenticate when accessing any url then probably an "IF" condition where you set a value for a bogus url for example and the condition would be opposite to whitelist. Basically as long as that fake url is not hit, bypass authentication and {return "DIRECT";}. Basically the opposite of the article I provided previously:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-explicit-proxy-auto-config-PAC-to/ta-p/189731

 

Thank you,

saleha

3 replies

saleha
Staff & Editor
saleha
Staff & Editor
November 4, 2024

Hi,

 

Thank you for reaching out. I believe this is something that needs to be done on the PAC file itself. the following is an article that provides an example of how to achieve such task:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-explicit-proxy-auto-config-PAC-to/ta-p/189731

Thank you,

saleha

luca1994
luca1994Author
Explorer III
November 18, 2024

Hello and sorry for the delay,

 

thanks for the tip.

I also ask if it is possible to configure an explicit proxy that never asks for authentication, i.e. if I set up this proxy on the client I would like it not to ask for 'authentication mail.

This is just for testing purposes.

 

Thanks for the support.

BR

saleha
Staff & Editor
salehaAnswer
Staff & Editor
November 20, 2024

Hi Luca,

 

Technically with the use of pac file you can force this behaviour of no authentication by editing the pac file I believe but it would be a white list kind of configuration. If the goal is to never authenticate when accessing any url then probably an "IF" condition where you set a value for a bogus url for example and the condition would be opposite to whitelist. Basically as long as that fake url is not hit, bypass authentication and {return "DIRECT";}. Basically the opposite of the article I provided previously:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-explicit-proxy-auto-config-PAC-to/ta-p/189731

 

Thank you,

saleha

Terms & ConditionsAccessibility statement