Topic
This article discusses how to configure the NinjaOne Agent for use over a proxy server.
Environment
NinjaOne Endpoint Management
Description
A proxy server forwards network traffic between a device and the Internet. Organizations often use a proxy to control, filter, or monitor traffic.
You need to configure proxy settings in these cases:
- The NinjaOne Agent does not have proxy settings configured.
- The NinjaOne Agent already has incorrect proxy settings configured.
Refer to NinjaOne Agent: Supported Functionality Over a Proxy Server for information about what functionality is supported over a proxy
Index
- NinjaOne agent does not have proxy settings configured
- NinjaOne agent already has proxy settings configured
- Set up a Proxy for NinjaOne Remote
- Proxy Auto-Detection for Windows
If the NinjaOne RMM agent does not have proxy settings configured
In this scenario, you created an organization for a new client and need to add proxy settings to the NinjaOne RMM agents so that the NinjaOne agents point to the proxy server.
Solution for Windows OS only
Add the registry keys below to each device.
32-bit device:
[HKEY_LOCAL_MACHINESOFTWARENinjaRMM LLCNinjaRMMAgentServer]64-bit device:
[HKEY_LOCAL_MACHINESOFTWAREWow6432NodeNinjaRMM LLCNinjaRMMAgentServer]Example:
- "ProxyHost" = "192.168.32.144" (ProxyHost should be String Value)
- "ProxyPort" = dword:00000c38 (ProxyPort should be a DWORD (32-bit))
optional:
- "ProxyAuthName" = "SomeUserName"
- "ProxyAuthPassword" = "aPassword"
Solution for all OS
Proxy prompts will ask for the type, host, and port. Username and password are optional.
Run the following command from the NinjaOne agent folder:
Windows:
.NinjaRMMAgent.exe /setproxy -host [IP] -port [PORT] -user [USER] -password [PASSWORD]Example:
.NinjaRMMAgent.exe /setproxy -host 127.0.0.1 -port 80 -user root -password helloworldLinux:
./ninjarmm-linagent -set-proxyMac:
./ninjarmm-macagent -set-proxyTo account for the new proxy settings, the NinjaOne service needs to be restarted. Please follow this article to restart the agent from a custom script.
The proxy password is automatically hidden after the first successful login using this password.
Solution for all OS
Run the following command from the NinjaOne agent folder:
Windows:
.NinjaRMMAgent.exe /removeproxyLinux:
./ninjarmm-linagent -remove-proxyMac:
./ninjarmm-macagent -remove-proxyThen, follow the steps above to set the proxy via the command line.
Set up a Proxy for NinjaOne Remote
Establishing a proxy for a player or streamer requires additional steps. NinjaOne Remote supports the use of HTTP(s) and SOCKS5 proxies with network support. However, it does not support the HTTP proxy.
The system environment variable NC_PROXY format must be defined as follows:
| Parameter | Description |
|---|---|
NC_PROXY | 192.168.1.1:1080:username:password |
192.168.1.1 | IIP address of HTTP(S)/SOCKS5 proxy |
1080 | Proxy port (8080 common default for HTTPS proxy) |
user | Username for the proxy (leave blank if no user) |
password | Password for the username (leave blank if no password |
Note: Even if there is no username and/or password the trailing colons are still required. (e.g. 192.168.1.1:8080:user: or 192.168.1.1:8080:
During startup, the player or streamer examines this environment variable, and if it exists and has a correct format, uses that parameter to establish the connection via that proxy.
NC_PROXY setup example for Windows
To create a new system variable, go to Settings > System > About > Advanced system settings > Environment Variables, and then under System variables, click New.
Proxy Auto-Detection for Windows
- Customers can now deploy agents more easily in complex network environments where previously this was manually configured and scripted. This will reduce the time spent onboarding and managing proxy settings and deployments fleet wide for IT Departments, and enable MSPs to scale across unique and diverse environments.
- When an agent is running on a Windows OS that supports a native proxy configuration, the agent will detect and use the native settings for connectivity, so that manual configuration of the agent is no longer required.
- When the agent is not able to connect through the automatically detected proxy settings, the agent will directly connect to the NinjaOne server, so agents can remain connected to the dashboard.
To enable this feature, add a new DWORD value to the Windows registry:
[HKEY_LOCAL_MACHINESOFTWAREWOW6432NodeNinjaRMM LLCNinjaRMMAgentServer] ProxyAutoDiscovery = 1
To disable this feature, delete the value or set it to 0.
Bypass Proxy Settings
When the proxy is configured, but there is no internet access through the proxy, the Agent/Patcher has the capability to detect a direct internet connection and seamlessly switch to it. This is particularly useful in scenarios where a user transitions from an environment with a configured and functioning proxy, such as an office setting, to a different location where there is no longer a proxy available, or vice versa.
As you can read in the terminal, for the proxy configuration to take effect, you must restart the NinjaOne RMM agent.