Configuration Profiles - Proxy Server Settings

I have exactly the same problem that you. I tried adding a dictionary at the top of the file, but my iPod didn't like the new configuration file and refused to import it. The problem is that the documentation is not clear enough and, to make the thing worse, the DTD used by this file is just too simple:

http://www.apple.com/DTDs/PropertyList-1.0.dtd

The DTD used is generic enough to describe PropertyLists, but I think Apple should also incude a DTD that describes the format for this particular file. Then, it be would easier to validate this file and also to make easier for people to figure out where changes should be made.

🙂 IT WORKS NOW! 🙂

Get the new iPhone Configuration Utility
http://www.apple.com/support/iphone/enterprise/

Then Go to "*Profils de configuration*" then " Avance" and "*Serveur proxy et port*" (my computer speeks french 🙂 ).

And you can setup a proxy server for your 3G browsing. Now I can browse my company VPN using my iPhone over 3G. Best of all, the secure Exchange mail calcontacts also works.

Thanks Apple for 3.0!

See U,
TOM.

I would try again to get this configured using the iPhone Configuration Utility before hacking the plist. Why can't you just check PAP authentication in iPCU? Look under Wi-Fi > Authentication > Inner Authentication.

Hi,

I too have been wondering what to put where and have found the following..

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>Proxies</key>
<dict>
<key>PropNetProxiesHTTPEnable</key >
<integer>1</integer>
<key>PropNetProxiesHTTPProxy</key>
<string>proxy</string>
<key>PropNetProxiesHTTPPort</key>
<integer>8080</integer>
<key>HTTPProxyUsername</key>
<string>username</string>
<key>HTTPProxyPassword</key>
<string>password</string>
</dict>
<dict>


Excuse the bad formatted XML and incomplete but that should give you some clues as to where it might fit into the XML.

While this installs for me I cannot actually make it work or at least I havent successfully routed through the proxy.

Let me know if it is useful and how you go with it..

Cheers
Grant

Hi,

Yes that's why Apple need to add this (more than likely other) configuration options to the configurator.

Below is a complete file that works for me. I have changed information in this for obvious security reasons, so it probably wouldnt work exactly like this.

Test at your own risk

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple Computer//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>Proxies</key>
<dict>
<key>PropNetProxiesHTTPEnable</key >
<integer>1</integer>
<key>PropNetProxiesHTTPProxy</key>
<string>proxy</string>
<key>PropNetProxiesHTTPPort</key>
<integer>8080</integer>
<key>HTTPProxyUsername</key>
<string>username</string>
<key>HTTPProxyPassword</key>
<string>password</string>
</dict>
<key>EAP</key>
<dict/>
<key>OverridePrimary</key>
<true/>
<key>PPP</key>
<dict>
<key>AuthName</key>
<string>username</string>
<key>CCPEnabled</key>
<true/>
<key>CCPMPPE40Enabled</key>
<true/>
<key>CommRemoteAddress</key>
<string>vpn address</string>
<key>TokenCard</key>
<true/>
</dict>
<key>PayloadDescription</key>
<string>Configures VPN settings, including authentication.</string>
<key>PayloadDisplayName</key>
<string>VPN (VPN Configuration)</string>
<key>PayloadIdentifier</key>
<string>test.mobileprofile.vpn</string>
<key>PayloadOrganization</key>
<string>test organisation</string>
<key>PayloadType</key>
<string>com.apple.vpn.managed</string>
<key>PayloadUUID</key>
<string>8c188b36-01ca-2b5e-878a-6bd95899053e</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>UserDefinedName</key>
<string>VPN Configuration</string>
<key>VPNType</key>
<string>PPTP</string>
</dict>
<dict>
<key>EncryptionType</key>
<string>WEP</string>
<key>HIDDEN_NETWORK</key>
<false/>
<key>PayloadDescription</key>
<string>Configures wireless connectivity settings.</string>
<key>PayloadDisplayName</key>
<string>Wi-Fi</string>
<key>PayloadIdentifier</key>
<string>test.mobileprofile.wifi</string>
<key>PayloadOrganization</key>
<string>test organisation</string>
<key>PayloadType</key>
<string>com.apple.wifi.managed</string>
<key>PayloadUUID</key>
<string>1360fef1-0df5-aa50-8e3c-96fee313d85d</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>SSID_STR</key>
<string>testssid</string>
</dict>
<dict>
<key>PayloadContent</key>
<array>
<dict>
<key>DefaultsData</key>
<dict>
<key>apns</key>
<array>
<dict>
<key>apn</key>
<string>test.apn.com</string>
<key>password</key>
<data>
</data>
<key>username</key>
<string>username</string>
</dict>
</array>
</dict>
<key>DefaultsDomainName</key>
<string>com.apple.managedCarrier</string>
</dict>
</array>
<key>PayloadDescription</key>
<string>Provides customization of carrier Access Point Name.</string>
<key>PayloadDisplayName</key>
<string>Advanced Settings</string>
<key>PayloadType</key>
<string>com.apple.apn.managed</string>
<key>PayloadUUID</key>
<string>19efca0f-fa8d-a257-bbf4-1b4097280e44</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</array>
<key>PayloadDescription</key>
<string></string>
<key>PayloadDisplayName</key>
<string>test</string>
<key>PayloadIdentifier</key>
<string>test.mobileprofile</string>
<key>PayloadOrganization</key>
<string>test organisation</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadUUID</key>
<string>534309ef-9bde-3055-98ee-b0ba59736786</string>
<key>PayloadVersion</key>
<integer>1</integer>
</dict>
</plist>

hej
I got it run.
The profile of grantie is working fine on my iPhone but could anybody help me cutting out VPN and Wi-Fi settings out of this profile?

Everytime I try cutting VPN and Wi-Fi my iPhone doesn't accept the config-file anymore.
I only need APN and Proxy Settings for a working connection.

Many Thanks so far!!!

i edit the preferences.plist file and it does work but now i am unable to bypass one server from the proxy (the exchange server)

and i prefer a configmobile witch does this setting for me

hard to believe that apple thinks that this is also a suitable enterprise phone????

<key>Proxies</key>
<dict>
<key>HTTPEnable</key>
<integer>1</integer>
<key>HTTPPort</key>
<integer>8080</integer>
<key>HTTPProxy</key>
<string>proxy.k</string>
<key>HTTPSEnable</key>
<integer>1</integer>
<key>HTTPSPort</key>
<integer>8080</integer>
<key>HTTPSProxy</key>
<string>proxy.k</string>
</dict>

Hi KonicaMinolta,

I have the same need: use a company proxy over 3G and a dedicated APN.

A managed to setup the APN in the .mobileconfig file, but none of my proxy settings works over 3G.

I understand that you did it? How?

Thanks for your help,
TOM.

I've seen proxy settings acting very strange in the various iPhone configurations.

My company use a private APN with username/password and once i connect there i can go everywhere in the intranet web sites, but of course i can't go anywhere on the internet since i've to use a proxy (ISA)

if i use Iphone Configuration Utility and set a proxy to the APN every time safari or appstore launch ask me for my proxy username/password, Maps don't work. When i give username/password they are valid until i reboot the device.

The same happen if i configure an authenticated proxy in the VPN settings, seems like iphone os completly ignore the Authentication info, it acts exactly as the APN proxy.

This because (i think) neither in the vpn config or the apn config the proxy authentication info are stored in the keychain.

BUT..

i found a workaround for making work an authenticated proxy with dedicated apn without entering username/password on every reboot:

1) create an ad-hoc wifi network on your mac/pc
2) associate to that network with iPhone
3) in the WiFi properties configure a proxy as MANUAL, use the same ip/hostname you used on the APN
4) fill in the username/password field
5) save it..

now if you disconnect from the wifi and try to use appstore, safari or even google maps everithing is fine 🙂

i tested this on 2 3G and 1 3GS succesfully

The only 'bad' thing is that whenever you have to change password you have to use the SAME SSID you used the first time to create ad-hoc network.

hope this could help someone.

hi, i've the same problem that you describe..
my compani use APN with proxy server on port 8080, but my iphone 3gs can't set proxy...
i istall iphone configuration utlity...
if i istall a new profile, with advanced settings for apn proxy, may something on my phone cancell?
Thanks

as I said before it works perfectly by editing the plist. But today I updated the phone to 3.01 because it should have proxy support witch is great. Now it is stock again. With update from 2.2 to 3.01 I lost the apn settings, so I entered by the now new config module 2.0 the new settings with proxy server.
first time it did nothing but after opening safari (some times) it prompts for username and password and indeed browsing was no problem but now exchange does not work while that is available with AND without the proxy server ??? and as i read before wheater (maybe more) does not work trough the proxy by apple config. so we are getting close but not there yet !!
I will try some more settings etc but in worst case i will edit the plist again! the device is capable to do it only the config way is not here....

Best regards

Jeroen

It does also work here now, i had to exclude the exchange server from the proxy, i have done that in the proxy server (could not find it in the iphone. where it should be ). The wifi trick also work here, thanks for that !

Jeroen