Access to ProxySG management console GUI is prompting for credentials even though policy is configured to allow access from source IP address


Article ID: 169111


Updated On:


ProxySG Software - SGOS


You may have relied on admin access policy configuration to allow administrators at specified client IP addresses to access the management console of the ProxySG on SGOS 6.6.2.x and prior without getting prompted for authentication credentials. 

For example, the following CPL policy allows administrators accessing from the source IP address of to access the management console with read-write privileges without getting prompted for credentials in

ALLOW client.address= admin.access=(READ, WRITE)

After upgrading to, the following policy will still be effective but administrators at the specified source IP address will be prompted for authentication credentials. 


As of SGOS and later, for security purposes, the ProxySG no longer supports unauthenticated administrator access. That means no matter how admin access policy is configured, access to the management console will now always prompt for authentication credentials.


Any administrator that should be granted access to the management console of the ProxySG should be given a username and password. When providing the built-in console account credentials is not practical, it is necessary to configure admin authentication using authentication services, such as Microsoft Active Directory (see Use policy to control ProxySG administrator access for more information). Alternatively, you can also configure a local authentication realm on the ProxySG (see Configuring local realm for management console access on ProxySG for more information).