Why don’t mobile devices automatically receive proxy settings over Wi-Fi? Is there a solution to this?
They obtain a proxy but seem to ignore it. You could see that in the logs. You could block outgoing traffic on 80 and 443 but it appears that some apps don‘t work then.
My aim isn’t to block traffic, but to ensure they work according to the proxy.
Afaik it‘s not iPFire‘s fault, it‘s how the mobile OS’s are handling proxies. Again, you could force the mobiles using your proxy by blocking 80 and 443 outgoing but some mobile apps stop working then. However, Safari eg, works then as intended, also blocking ads if blacklisted. Try it out, you‘ll see.
The publication of network policies is an offer, not a constraint.
Therefore it is possible for developpers, that ‘know best’, to ignore this. Especially smartphone OSs realize this philosophy.
Nowadays this is true for many IoT devices also. Search for articles of ‘robotic vacuum cleaners’, for example.
Try using WPAD.
Enter the automatic proxy address in your mobile’s Wi-Fi settings:
http://ipfireIPaddress:81/proxy.pac
Doing this to hundreds of mobile phones is not a practical solution.
This doesn’t definitivly solve the problem. If the mobile doesn’t obey to this settings, you can’t do anything ( besides not using the device 
).
So how do box devices do this? Like WatchGuard or Fortigate?
Use DNS Firewall with CU201