Non-transparent proxy will not work in every scenario

Non-transparent proxy will not work in every scenario.
E.g. I figured out that Amazon Prime Video (on AppleTV) will not work when I force the use of non-transparent proxy.
The Prime app then says that there is no internet connection.

I have configured AppleTV with Configurator 2 and a profile to use a proxy (global http proxy) => Proxy of IPFire.
Amazon Prime Video then still works.
But if I lock HTTP and HTTPS in the firewall rules and force the proxy, then no longer.

Therefore I have Transparent and Non-Transparent Proxy enabled in IPFire (in firewall rules I block HTTP). It works with that. In the proxy log I still see access to akamaihd (probably Prime Video).

Netflix and Apple’s own apps behave better and I don’t think they have these problems.

Maybe it’s not configured correctly on my end. The proxy seems to cause some kind of hiccup. When I go to my computers (I have configured Proxy in the settings for https und http) and it was off before and enter a URL in the browser, it doesn’t find a page at first. Shortly after that it does after I hit the Enter button again. Also on the AppleTV not every app finds the internet connection directly after restarting.

As for blocking: with the default proxy lists, very few trackers seem to be blocked. I consider trackers to be a big problem. That’s why I also have an additional Pi-Hole in use.
In URL FIlter logs (proxy) I can count what is blocked. In PiHole it is impossible. I have over 8 million domains there on the blocklist and something is blocked all the time.
I could try if the proxy filters more if I disable the Pi-Hole (but I don’t think so).

Yes, some web site services don’t work well with proxies.
I have that problem with Plex, when I want to access some material from a media-server across the internet then if I have the proxy on I get a media unavailable message but turned off I can access things fine. With the proxy on I can login to the server without any problems just not acxcess the content.

In that case you have to whitelist those sites/services to not be proxied. The only difficulty is finding out what the specific url is that is having the problem.

1 Like