Video Screencast Help

Problem with SEP Proxy authentication fieldname lenght

Created: 29 Oct 2012 | 7 comments

Hi everybody.

i have a customer using SEP 12.1 from almost a year successfully. Recently theu changed internet connection and now they are pass thru a proxy server requiring an authentication.

When in "Setting Server Proxy Liveupdate" box SEP asks for:

proxy host:  proxy.cmve.it

HTTP Port: 3128

Authentication required

user name ..... the name i must insert is "mediaoi@occhieppoinf.it"

the box accepts only "mediaoi@occhieppoinf" since the box seems to allow 20 characters only instead i need 23 chars...

Any bypass or solution.

 

Thanks in advance. DonatoP. 

 

 

Comments 7 CommentsJump to latest comment

.Brian's picture

This looks to be a limitation on the client only.

Have you tried adding from the SEPM, the same limitation does not appear to exist.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

DonatoP's picture

thanks, but unfortunately the customer doesn't have a "real" server with SEPM installed (a very old and unadequate system), consequently the clients are "not controlled", stand-alone installation.

any work-around

 

DonatoP

 

.Brian's picture

Are you on the latest version of 12.1, which is RU1 MP1? I don't see anything in the release notes regarding new fixes but it's possible it has been fixed.

It's also possible Symantec does not know about this so you may want to open a support case to investigate further.

Please click the "Mark as solution" link at bottom left on the post that best answers your question. This will benefit admins looking for a solution to the same problem.

greg12's picture

Don't believe it's fixed because the behavior is the same on my 12.1 RU2 beta test version surprise

The authentication user name and proxy host name are saved in the client's registry as hashes.

If you have a SEPM at hand, you could try to follow Brian's suggestion above. After a test client has received the proxy settings, you can export them from the test client (Help > Troubleshooting > Export) and import them at the unmanaged client of your customer (Help > Troubleshooting > Import).

Don't know if it works; of course I don't know Symantec's algorithm to generate the hashes for user name and password.

sandra.g's picture

I would second the suggestion to open a Support case. It may be considered 'as designed'--but raising the concern that 23 characters may not be sufficient may lead to an enhancement request.

(I could not find any documents that talked about this specific issue at all.)

sandra

Symantec, Information Developer
Installation, Migration, Deployment and Patching
User Protection & Productivity, Endpoint Protection

Don't forget to mark your thread as 'solved' with the answer that best help

diabolicus23's picture

I had the same problem on a 12.1 RU1 MP1 system

The strange thing, as people before me said, is that apparently there is no reference about this "limitation".

It could be, at least potentially, an important thing to say to the customer before installation.

sandra.g's picture

Just to follow up with this--DonatoP, have you opened a case? If so, has Support helped you find a solution?

If not... I took a second look at your screen shot and when I compared your window to mine (admittedly, a managed client with client-side control, and in English smiley), I noticed there are two options for entering credentials: Basic or NTLM Authentication.

I'm using version 12.1.2015, the enterprise version (not Small Business). Do you have that version, and do you have this option? As you can see the latter option has no such character limitation, so you may want to confirm with your internet provider what type of authentication they require for their proxies.

sandra

ProxyConfigSEPClient.png

Symantec, Information Developer
Installation, Migration, Deployment and Patching
User Protection & Productivity, Endpoint Protection

Don't forget to mark your thread as 'solved' with the answer that best help