0

pals, I'm using a PC (OS: Windows) inside a corporate network (a LAN) which allows internet connections through a proxy (classical situation), and I can't access to certain websites (Firefox is my WebBrowser) because the proxy is denying me the access to them. Something like this:

PC client <--LAN--> Corporate Proxy <-> Internet (Websites, etc.)

I was told that using cntlm I can get connected to those websites using the cntlm tunneling feature. So, I'd like to know how should I configure the cntlm.ini file making use of that feature (tunneling) and this way get an internet connection without my corporate proxy "watching" it and denying me every website I visit.

I'm sorry if this is a dumb question but I'm a novice in these themes. I'd really appreciate your help !!! Thanks a lot in advance! :-)

Asiel
  • 1

1 Answers1

0

I'll prefix this answer by saying that doing this is going to break the terms and conditions of your use of your corporate services. It probably breaks your Acceptable Use Policy and could easily result in you being fired. In some industries the outcome could be worse & you could end up in prison.

To achieve this, you need access to a server outside your corporate network that allows you to tunnel your traffic.

You can then use cntlm to act as a broker with your corporate proxy allowing you to use local applications that are not able to authenticate with the proxy - this is a common pattern for Microsoft proxy's since they often use NTLM authentication that many development tools don't understand.

So to access a disallowed service, run PUTTY or similar to connect to a server that allows you to set up an SSH tunnel. But instead of connecting PUTTY direct to that server - which will fail because PUTTY cannot use NTLM to authenticate to the proxy - connect via cntlm.

Julian Knight
  • 14,749
  • 3
  • 31
  • 46