How to solve the bug Web proxy with android devices?

[novel]

Hello,

I read a lot of guides how to fix the bug Web Proxy with android devices. All of them fail on 2023 with OPNsense 23.7.9-amd64 version.

Is anybody here that solved this bug. Please tell me the way to solve on my opnsense firewall.

 I want to enable web proxy on my system but I cannot because all my android devices cannot connect to the internet.

Thank you

[cookiemonster]

sorry, what bug would that be?

[novel]

sorry, what bug would that be?

Web proxy works all devices excpet android devices. There are post here with the same problem since 2018. Please look at the forum below.

https://forum.opnsense.org/index.php?topic=7664.0

[cookiemonster]

I don't see a bug there, only a problem reported that ended up as a couple of configuration problems.

[novel]

I don't see a bug there, only a problem reported that ended up as a couple of configuration problems.

I have setup sucessfully web proxy. My laptop and stable pc works perfect without any problem. On two android device I have installed cerftifaction "VPN and apps" but I don't have internet at all whole device.

Do you know what problem there is? I setup with below guide

https://docs.opnsense.org/manual/how-tos/proxytransparent.html


Thank you

[novel]

So, am I a unique person that  I have this problem on OPNsense?

All users has successfully setup web proxy with android devices or they don't care about my question.

Is anybody here that solved this bug. If yes...Please tell me the way to solve the same problem on my opnsense.


Thank you

[Patrick M. Hausen]

Nobody I personally know uses web proxies.

[cookiemonster]

Sorry novel. I don't use them, I don't see the need in a non-corporate environment where other and better solutions (commercial and expensive) exist. I don't criticise your want to set it up by the way.
What I am trying to point out is that you keep calling a failure to create a documented setup as a bug. Maybe it is, but without fully qualifying it and showing what you have setup including your mobiles, showing logs, failures with evidence, etc., it is hard to qualify it as such on a forum.

[Patrick M. Hausen]

I suggest you open an issue on github. This includes instructions on how to reproduce the problem.

[novel]

Nobody I personally know uses web proxies.

Can I ask you something? Services: Web Proxy: <--- is this osi layer 7 ? I think yes....How can I  inspect the http/https  application layer 7 web pages and other protocols???

There are a lots of other brands firewalls that inspect the traffic at layer 7 . Is there alternative in opnsense?? Layer 7 - application layer

[novel]

Sorry novel. I don't use them, I don't see the need in a non-corporate environment where other and better solutions (commercial and expensive) exist. I don't criticise your want to set it up by the way.
What I am trying to point out is that you keep calling a failure to create a documented setup as a bug. Maybe it is, but without fully qualifying it and showing what you have setup including your mobiles, showing logs, failures with evidence, etc., it is hard to qualify it as such on a forum.

As I said to Patrick  aplication layer -  osi lelve 7 is very important. I want to use it. My laptop and stable pc are ok. The problem is for ipad and android devices.  There are other posts that have the same problem.

Pleaase can you help me? How to solve it?

[novel]

I suggest you open an issue on github. This includes instructions on how to reproduce the problem.

I don' know how to do it. I have a account on github but I don't use it.

[Patrick M. Hausen]

Novel, the answer to your question "how to inspect HTTPS" is simple: the point of HTTPS is that you don't. There are hundreds of engineers working hard to improve what started as "SSL" to create a reliably confidential channel between the browser and the server/application.

[novel]

Novel, the answer to your question "how to inspect HTTPS" is simple: the point of HTTPS is that you don't. There are hundreds of engineers working hard to improve what started as "SSL" to create a reliably confidential channel between the browser and the server/application.

Ok, I understand...So your experience is that I don't need inspection for https . Right?

Please tell me unecrypted traffic on port 80 http ? Is this protocol needs configuration with web proxy. If you know other way , thats fine.

[Patrick M. Hausen]

Zenarmor?