VPN Proxy configuration with authentication credentials

Hi. I’m running into a possible issue where I’m setting https Proxy configuration for my PacketTunnelProvider network extension. The proxy is a simple test squid proxy, with authentication. Requests using curl work correctly. On iOS the traffic seems to be correctly routed to the proxy (through the vpn) but when I programmatically add a username/password + authenticationRequired, in order to authenticate with the proxy (Under https://developer.apple.com/documentation/networkextension/neproxyserver). the credentials don’t seem to be sent at all. The proxy sends a 407 response, and on my iOS device I get a “Proxy Authentication Required” dialog (with the correct proxy ip/port). Is this expected? Should the proxy be set up in some way in order for this to work?

Thanks

Up vote post of BenevolentLobster Down vote post of BenevolentLobster
625 views
Posted by
BenevolentLobster
Reply
Add a Comment

Replies

On iOS the traffic seems to be correctly routed to the proxy (through the vpn)  but when I programmatically add a username/password + authenticationRequired, in order to authenticate with the proxy. the credentials don’t seem to be sent at all.

Just for my understanding here, so the proxy is on the other side of the VPN server correct? So the VPN on the client encapsulates the traffic and sends it to the VPN server and then it hits a proxy on the other side of the VPN server? Is that the case? If so, it sounds like there are a few places where you could check to see where these headers are potentially be lost. The first would be the traffic that is being read from the virtual interface on the client?

Posted by
meaton
Up vote reply of meaton Down vote reply of meaton
Add a Comment

Hi, I will answer on behalf of my colleague BenevolentLobster.

Yes, the proxy server is on the other side of the VPN server: iPhone -> VPN -> Proxy

After inspecting the packets being read from the virtual interface it seems like no headers are being sent over there as well.

Posted by
eladboris
Up vote reply of eladboris Down vote reply of eladboris
Add a Comment