I have a Windows machine with remote access to a Debian machine for development. Both are behind a corporate proxy. On the Debian side cntlm is configured with authentication and used automatically via the http_proxy
env vars.
Further, the Debian machine is configured to resolve the .test
TLD to localhost, such that e.g. curl myservice.test
can be used to reach a service in development.
In order to do the same in a browser in the Windows machine I use a dynamic SSH forward (ssh -D 8888 user@debian
) and configured Firefox to use localhost:8888
as a SOCKS5 proxy with DNS resolution enabled. This works great to load the development services. However, with this config any internet page times out. Therefore it seems like the cntlm proxy of the remote machine is not in use. Note that websites can be reached from the SSH session in the remote. My understanding is that all traffic would go through the SOCKS proxy and therefore be equivalent to it originating from the remote machine itself. However, does this not inherit the proxy env variables? Is it possible to configure this proxy chain to have access to both internal developments and the internet in Firefox?
I have also tried ssh -D 8888 -L 3128:debian:3128
(3128 is where cntlm listens) and configure the http proxy in firefox to use localhost:3128
. In this case the internet works but my internal services are not resolved (DNS error).