Gibbopool2011

Q: iOS 5/iPad 2 proxy settings not being remembered

I recently upgraded one of my iPad 2's to iOS 5, but I seem to be having an issue the Wi-Fi connection in work. The wireless network has a hidden SSID and it requires some Manual proxy settings being put into the wireless config.

 

When I input the relevant information it seems to hold fine for a few seconds but when I go into Safari it prompts for an https:// proxy username and password, if I input the correct details it just prompts again and no matter how many times I input the correct information it still prompts for it over and over again, to the point that you just have to switch the wireless off to stop the message from flashing up.

 

I have an iPad 2 on iOS 4.3.5 and the same setting work perfectly fine on this iPad 2 but will not work on iOS 5.

 

I have even tried a Linksys Wireless Access Point plugged into the network with no hidden SSID etc and I still get the same thing on the iOS 5 iPad 2 it continually prompts for the proxy details, but the iOS 4.3.5 iPad2 works fine.

 

Is this a known glitch or am I just being a total idiot  : (  ?

iPad 2, iOS 5

Posted on Nov 2, 2011 6:15 AM

Close

Q: iOS 5/iPad 2 proxy settings not being remembered

  • All replies
  • Helpful answers

Previous Page 2 of 6 last Next
  • by doiwl,

    doiwl doiwl Jan 5, 2012 8:38 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 5, 2012 8:38 AM in response to Gibbopool2011

    I have deployed web proxy for different customers and encountered the same issue.

     

    This seems to be a iOS bug to me. Unfortunately I do not have any device with support coverage anymore, so I did not lodge a case on this. Even one of the built-in service (Geolocation) will not honour the proxy settings in the Settings --> WiFi page. Whenever there is POST request to https://gs-loc.apple.com:443/clls/wloc , you will notice the pop-up request for credentials.Turning off geolocation service will reduce the occurence.

     

    Try talk to your network admin, there are some workaround can be done at the proxy side, for example using client IP address (iPhone / iPad IP address) as surrogate credentials. In this case the proxy will recognize all access request coming from the same IP address for a specific timeframe, without the need to keep on challenging for authentication. This works for me.

     

    Hopefully Apple will solve this in later iOS release, at the same time force all the third-party apps to use the proxy settings configured at the WiFi page.

  • by B-Mach,

    B-Mach B-Mach Jan 10, 2012 3:30 PM in response to doiwl
    Level 1 (0 points)
    Jan 10, 2012 3:30 PM in response to doiwl

    Lots of comments here hoping Apple will solve this bug. Has anyone actually lodged this as an official bug so that Apple can be informed about the issue start working on a fix? I think you can lodge a report here: http://developer.apple.com/bugreporter/bugrptform.html

     

    Without this there is a chance that Apple aren't even aware of the issue...

  • by doiwl,

    doiwl doiwl Jan 10, 2012 6:50 PM in response to B-Mach
    Level 1 (0 points)
    Jan 10, 2012 6:50 PM in response to B-Mach

    Nice sharing, thanks! Didn't know about this bug report form before this.

  • by joner89,

    joner89 joner89 Jan 17, 2012 3:40 AM in response to NKX
    Level 1 (0 points)
    Jan 17, 2012 3:40 AM in response to NKX

    Hi NKX,

     

    Your solution of a " well crafted PAC file " sounds very good and about the only thing that will work in the short term. Could you please provide some advice on how to go about doing this?

  • by Carlos Garcia5,

    Carlos Garcia5 Carlos Garcia5 Jan 17, 2012 9:32 AM in response to joner89
    Level 1 (5 points)
    Jan 17, 2012 9:32 AM in response to joner89

    I am also in the process of trying to implement a .pac file and any help and/or examples would be greatly appreciaed.

     

    Users are getting the proxy authentication prompt for every page/element that loads, making our wifi connection pretty much useless for our iPads.

     

    http://en.wikipedia.org/wiki/Proxy_auto-config

  • by Javisto,

    Javisto Javisto Jan 20, 2012 1:04 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 20, 2012 1:04 AM in response to Gibbopool2011

    Hi All,

     

    Has anyone received any communication from Apple with regards to this issue?

  • by joner89,

    joner89 joner89 Jan 24, 2012 2:39 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 24, 2012 2:39 AM in response to Gibbopool2011

    I have submitted a bug report this morning.

     

    Now we wait......

  • by B-Mach,

    B-Mach B-Mach Jan 24, 2012 2:47 AM in response to joner89
    Level 1 (0 points)
    Jan 24, 2012 2:47 AM in response to joner89

    Awesome. Thanks for that. This bug really is annoying me. I want to use my iPad again

     

    Do they give you some kind of reference when you submit a bug report?

  • by Javisto,

    Javisto Javisto Jan 24, 2012 2:59 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 24, 2012 2:59 AM in response to Gibbopool2011

    Bug.jpg

     

    This is what I got after I logged the call with the developer team on the 19 Jan 2012 and I haven't receive any response....Still waiting.

  • by joner89,

    joner89 joner89 Jan 24, 2012 3:17 AM in response to B-Mach
    Level 1 (0 points)
    Jan 24, 2012 3:17 AM in response to B-Mach

    No problem, we have also ben trying to implement a PAC file this morning, as suggested by some others, we thought we had a it working but the prompts still occur . Yeah they send you an email with a reference number. Similiar kind of response to what Javisto has shown.

  • by Javisto,

    Javisto Javisto Jan 24, 2012 5:38 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 24, 2012 5:38 AM in response to Gibbopool2011

    Hi Ladies/Gents,

     

    Am happy to say I got a fix that works until Apple releases a solution. Here is a solution if your network uses ISA Proxy server's NTLM authentication(i.e.,Microsoft ISA)

     

    Download the CNTLM 0.9.9.0.1 & Python language interpreter version 1.5.2 or higher and install them on the central location(in my case I used the DC), create one account on AD that has full access to the Internet and allow it on the ISA Proxy. Define the account on the cntlm.ini file and on the iPad proxy authentication user details and Bob is your uncle.

     

    Please follow these links for more info.

    http://ntlmaps.sourceforge.net/

    http://cntlm.sourceforge.net/

     

    Hope it works for all of you guys, cause no more annoying proxy authentication prompt for my users!!

  • by NKX,

    NKX NKX Jan 24, 2012 7:23 AM in response to Javisto
    Level 1 (0 points)
    Jan 24, 2012 7:23 AM in response to Javisto

    That, is NOT a fix. That will also allow every single person on your site to access the internet as a single user... bypassing any security and accountability the company needs to uphold. As I work in education, that would be a HUGE "duty of care" issue. I'd get a repremand for even suggesting it.

     

    I HAVE tried similar work-arounds as a proof of concept, and found the best and easiest is "Authoxy". With that I can set up my Mac as the Proxy server, configure it with my user credentials, and then set the iDevice proxy to use my Macs IP address and port for access. In this scenario, I also created a DHCP reservation for the iDevice to ensure it had a single, known IP address, and then configured the firewall to ONLY allow that specific host for remote access. Authoxy worked perfectly for the iDevice AND for various Flash/Java/Plugin/App authentication issues on both Snow Leopard and Lion. It is NOT a solution I would recommend anyone perform though. If you're in corporate IT and do this, you're a fool. If you're not in IT... I expect you to be fired.

     

    NOTE 1: I didn't reply before with a PAC file, as my initial trial success could not be replicated on other devices and I still got the prompts.

     

    NOTE 2: The only decent solution i have found, for those with ISA/TMG (and probably similar in other firewall/proxy packages) is to enroll ALL your iDevices in a DHCP pool as reservations. Then assign that IP range in ISA a new "Computer" rule and set it as unauthenticated. Get your users to supply their own credentials for the initial wireless access. This, unlike the solution above, means that all iDevice access can still be monitored and filtered (if you use filtering) via IP address assignment (which is listed against a user in our DHCP description). Filtering may not show "Joe Bloggs", but does show "172.16.15.96" which has a DHCP description of "Joe Bloggs". We have this running right now as a work-around.

  • by Javisto,

    Javisto Javisto Jan 24, 2012 11:04 AM in response to Gibbopool2011
    Level 1 (0 points)
    Jan 24, 2012 11:04 AM in response to Gibbopool2011

    NKX point taken hence I quote "until Apple releases a solution" what is important at this stage is that users are able to browse without getting annoying prompts and that gives me enough time to fine tune the fix or get another way of sorting out the problem.

     

    In my scenario the only people that are allowed to use iPad in the company network are executives & directors, they're individual accounts are setup for full internet access anyway which doesn't really make any difference and am the only person that knows the account. 

     

    These another option if you have individuals with different internet permission on your ISA server, which is a administration nightmare. On the cntlm.ini file you can specifiy all the users accounts that use iPads and authenticate on the proxy using those accounts instant of one generic account like in my case, that also works as I have tested it.

     

    Please note if this fix or work around is not suitable for your environmet  don't implement. But thanks for your feedback.

  • by Rockinrobstar,

    Rockinrobstar Rockinrobstar Feb 14, 2012 10:34 AM in response to Gibbopool2011
    Level 1 (0 points)
    Feb 14, 2012 10:34 AM in response to Gibbopool2011

    I am a sysadmin for my work. I am having this same problem using an IPCop authenticated proxy with iOS 5 devices.

     

    I think I have fixed it temporarily (until Apple get their arse in gear) by using the following PAC file stolen from Wikipedia. I have served this from my Mac using the build in Web Sharing, however I imagine any sort of LAMP server or equivalent would work as well.

     

    function FindProxyForURL(url, host)

      {

          return "PROXY 192.168.1.1:3128; DIRECT";

       }

  • by ctg201175,

    ctg201175 ctg201175 Mar 1, 2012 8:01 AM in response to Gibbopool2011
    Level 1 (0 points)
    Mar 1, 2012 8:01 AM in response to Gibbopool2011

    I take it there are no new developments on this? I work in an educational environment and as a previous person said the web access has to be extremely controlled so my IT dept are unwilling to use any of  the work arounds suggested previously. This isn't good as I just deployed a large number of iOS devices in my facilities management dept which are basically unusable and may as well be used as expensive door stops!

     

    Come on apple get your act in gear and sort this out or your going to loose many of your corporate customers.

Previous Page 2 of 6 last Next