KB Article | Forcepoint Support

Problem Description

When proxying through Content Gateway and accessing internal sites, client machines are prompted for credentials or the internal site is blocked.  To keep the internal site from being filtered, you need to bypass the prompt for credentials.


There are three methods to bypass an internal site depending on the deployment.
  • To apply the solution for clients using explicit proxy via IP: 
Add the internal site to the browser as an exception to not go through the proxy.
  1. Open Internet Options through the Run command: inetcpl.cpl
  2. Connections Tab > LAN Settings > Advanced > Exceptions.
  3. Type the URL, IP or even wildcarded domain (*.domain.com) for the intranet site
Once configured and confirmed to successfully work, this setting will need to be sent via GPO to all users in the environment. For instructions, see Microsoft’s website How to configure Group Policy Preference settings for Internet Explorer 11 in Windows 8.1 or Windows Server 2012 R2
  • To apply the solution for clients using explicit proxy via PAC file, see the section “How do I specify a URL in a PAC file to bypass Content Gateway” listed in PAC file best practices.
  • To apply the solution for clients using WCCP for transparent proxy, exclude the IP address of the internal site from the WCCP redirection to the proxy via the Cisco ACL. See Cisco’s website for information on WCCP configuration.

Keywords: user authentication issue; authentication prompt issue; internal sites; authentication prompts for internal sites; internal sites are blocked; proxy bypass; browser proxy configuration; pac file bypass; wccp; users incorrectly blocked

Article Feedback

Thank you for the feedback and comments.