Proxy authorization is a setting that you enable in a policy to require that ETP Proxy authorize connections from the on-premises proxy in a proxy chaining configuration. This setting adds the Proxy-Authorization header to these connections. The Proxy-Authorization header contains proxy credentials that are used to authenticate the on-premises proxy. ETP Proxy validates these credentials before it allows connections from the on-premises proxy.
- Configure proxy credentials. This process involves creating a username and password. For instructions, see Create a proxy credential.
- Configure these proxy credentials in the on-premises proxy. For instructions on configuring these credentials in Squid, see Configure Squid to forward traffic to ETP Proxy.
- Select to trust the X-Forwarded-For header in a policy. For instructions, see Enable a full web proxy.
- Enable the Proxy Authorization setting in the policy. For instructions, see Enable a full web proxy or Enable proxy authorization
- If authentication fails, a browser error message indicates that authentication failed.
- If proxy authentication is enabled in a policy and there are no proxy credentials configured, a browser error message indicates that proxy authentication is required.
If proxy authorization is not enabled in a policy for a proxy chaining configuration, requests are accepted by ETP Proxy as long as they come from a known location.