HTTP Force Proxy on MR Access Points
HTTP Proxy allows network operators to route all HTTP traffic through a specific proxy. If enabled on a network, the destination of all outgoing TCP connections destined to port 80 will be rewritten by the Meraki Access Point upon egress. The feature is configured on per-SSID basis and only supports SSIDs that are configured for bridge mode.
Note: If configured on the SSID, splash page traffic will be routed through web proxy
HTTP Proxy is often implemented to address security, content filtering, or logging/audit requirements.
When an HTTP proxy is implemented in the network, devices that need to reach external sources typically require manual configuration.This process may result in a lot of overhead in large networks. Automatic proxy discovery is another option but comes with additional challenges.
Using HTTP Force Proxy feature on MR Access Points allows customers to leverage the HTTP proxy on their network without having to make any changes to the client devices.
Enabling HTTP Force Proxy
Since most networks do not leverage an HTTP proxy, this feature is hidden and disabled by default in dashboard. The proxy configuration options may be enabled on any Meraki MR Dashboard network by our Support team.
Configuring HTTP Force Proxy
Once enabled, the feature can be configured for each SSID under Wireless > Firewall & Traffic Shaping. HTTP force proxy option will be available to users as shown in the picture below. A network administrator must configure the HTTP proxy server information such as the IP and port. Additionally, subnets may be excluded from this rule if defined under Excluded subnets.
Customers can verify the settings using the Test button. Once clicked, dashboard will instruct Access Points in the network to initiate a request to access internet through the configured proxy. The results show which Access Points passed/failed the test.