You are on page 1of 15

Making Windows Store Apps to work on IIT Bombays proxy server

Pratyush Nalam http://www.cse.iitb.ac.in/~pratnala

Pratyush Nalam. Technology. Environment. Inclusive Society.

Table of Contents
1. 2. 3. 4. 5. 6. 7. 8. 9. Introduction ................................................................................................................... 3 Why is this suddenly a problem? .................................................................................... 3 How do we solve it? ....................................................................................................... 3 Procedure ...................................................................................................................... 4 Limitations ................................................................................................................... 12 Troubleshooting ........................................................................................................... 12 Some Tips ................................................................................................................ 14 Acknowledgements ...................................................................................................... 15 More questions? Feedback? ........................................................................................ 15

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

1. Introduction
Internet access in IIT Bombay is through netmon.iitb.ac.in, a squid-proxy server with basic authentication. Proxy servers are routinely employed in enterprise and education setups for various reasons (blocking nefarious sites being one of the most important ones). Netmon is an HTTP proxy on port 80 which allows network traffic only through the ports 80 and 443 which are for HTTP and HTTPS traffic respectively. All other protocols like NAT, RTSP and IMAP etc. are blocked. This is the very reason why apps like iMessage, FaceTime, Microsoft Outlook, IRC clients etc. dont work.

2. Why is this suddenly a problem?


Historically, this has never been much of a major issue at IIT Bombay. Students have used workarounds like their smartphones 3G connection which dont redirect network traffic through a proxy server. However, this has become a major issue now due to the release of Microsofts latest operating system, Windows 8. More specifically, it is not the whole of Windows 8 which doesnt work but it is the Windows Store which is incompatible with a proxy server using authentication. Lots of other things are also incompatible (they have been and will continue to be) like cloud services (Microsoft SkyDrive, Google Drive) and some anti-virus softwares (Microsoft Security Essentials, McAfee Internet Security) for instance. This also in many cases causes are IP to be blocked due to relentless pinging to Netmon by these services without proxy authentication.

3. How do we solve it?


The solution is to set up a cascading proxy server. What a cascading proxy server essentially does is it redirects all network requests (how we make it happen is described later) to itself, adds the authentication etc. and sends it to Netmon. Now, Netmon has got the authentication it requires and is at peace with your system. A small caveat. Things like iMessage, Microsoft Outlook and torrents wont work even now as the protocols they use itself are blocked by our beloved Netmon. However, cloud services and anti-virus suites among others (even Windows Store Apps) which use the standard HTTP and HTTPS protocols work flawlessly.

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

4. Procedure Step 1
This archive which you downloaded consists of 2 setup files in the Setup Files folder ccproxysetup7.3.exe and EnableLoopbackUtility.exe. Run ccproxysetup7.3.exe and install CCProxy 7.3. CCProxy is the software which makes your laptop into a cascading proxy server. Open CCProxy by right-clicking in Start and selecting Run as administrator.

Step 2
CCProxy is actually a paid software but it is free for 3 users (what it actually means is later in this manual). Once you have opened CCProxy, click on Options.

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 3
Now, click on Advanced. WARNING: Dont change anything in this screen.

5
Step 4
Now, go to the Cascading tab, select the checkbox, Enable Cascading Proxy. Now, input the values netmon.iitb.ac.in for Proxy Address, HTTP for Proxy Protocol, 80 for Port. Then, select the checkbox, Need Authorization. Enter your LDAP username under User Name, LDAP Password under Password and leave Domain as BLANK. Click OK twice and come back to the main screen of CCProxy.

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 5
Now, click on Advanced.

Step 6
Once the Account Manager has opened, a bunch of options need to be configured here. First up, select Permit Only under Permit Category and MAC Address under Auth Type. MAC Address is a unique hardware address for your Ethernet, Wi-Fi, Bluetooth and any other network adapter which is present in your system and shouldnt be confused with Apples line of Mac computers.

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 7
First, well add your Ethernet adapter to the list of users. Connect your LAN cable and click on Auto Scan as shown in the previous image. Enter your full IP address ( 10.8.70.39 in my case) in both Low IP Address and High IP Address. Press Start and then press Close. You will see one device added to the list. Disconnect your LAN cable now. We shall connect it later.

For your Wi-Fi adapter to be added, follow the same steps. Once youre connected to a Wi-Fi network (IITB-Wireless for example), find out your IP Address from Network and Sharing Center and repeat the same process as above. Then, disconnect from the Wi-Fi network. We shall connect to it later. Click OK and exit. Press Hide to minimise CCProxy to the system tray.

Important Sidenote: Please read this before continuing


So whats happening here? It is important to remember that CCProxy is a paid software and the free version which we downloaded only allows 3 users. What does this mean? It means that at a time, only 3 users can connect to the Internet through your proxy server. I have added 3 users one for Ethernet, one for Wi-Fi and one for my iPod touch (by making my laptop into a personal hotspot). However, at any given time, only 2 are active as obviously you cant connect to the Internet throu gh both Ethernet and Wi-Fi. So, still one more user (i.e. device) can connect to the Internet through your proxy server (this can be your tablet or e-book reader or anything else). Always remember that only 3 devices at once can use CCProxy in the free edition. Despite this, CCProxy throws up an error sometimes and then you have to disconnect one of the devices. Also note that adding these adapters to your list of users is a one-time process. Even if your IP changes when you connect to another Wi-Fi network or use the LAN in another room, you dont need to change anything because if you recall, we used MAC Address as the authentication which is unique for the life of your laptop.

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 8
Right, so now we have successfully configured CCProxy to connect to the Internet and your very own proxy server is running. Go ahead and have a celebratory cup of coffee if you like. Done? So, what is next now? We have to instruct Windows to use this proxy server which you just created to connect to the Internet. Ready? Open Start and type Internet Options. Click on Settings and it will be the first result. Click to open.

Step 9
Click on the Connections tab and go to LAN Settings.

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 10
Select the checkbox Use a proxy server for your LAN. Enter your IP Address under Address and 808 under Port. Also, tick the checkbox for Bypass proxy server for local addresses. Then, click on Advanced. Now, remember that the IP address changes according to your connection so this is NOT a one-time setting.

Step 11
Select the checkbox which says Use the same proxy server for all protocols. And in the exceptions list, add localhost and *.iitb.ac.in. *.local should already be present from before. Remember to separate the entries with semicolons.

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 12
Now, Internet Options ensures the browsers know their proxy settings. To make it apply system-wide, we need one more command. First, open Start and browse to Windows System under All Apps. Right click on Command Prompt and select Run as administrator.

Step 13
Once you have opened Command Prompt, type this command in its exact form: netsh winhttp import proxy source=ie. Press Enter. Now, connect your LAN cable or connect back to the Wi-Fi network.

10

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

Important Sidenote: Please read this before continuing


Every time you change your IP Address (like when you connect to Wi-Fi or connect to the Internet via Ethernet in another room), you have to change the proxy server address in Internet Options and run this command in the command prompt. If you dont do this, you wont be able to connect to the Internet. This inconvenience is a small price to pay for a tension-free connection to the Internet and using all Windows Store Apps without a hiccup.

Step 14
Lets recap what has happened till here. We have setup our own cascading proxy server and instructed Windows to connect to the Internet through this proxy server. However, Windows Store apps still wont connect. This is because, by design, they cant send network traffic to the local computer. Well enable this. The Setup Files folder of this archive had another file called EnableLoopbackUtility.exe. Run that and install it. Once it is done, go to Start, right click on Enable AppContainer Loopback and Run as administrator.

11

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

Step 15
Once it opens, click on Exempt All and then select Save Changes. Now, this ensures all your Windows Store apps can connect to the Internet.

Important Sidenote: Please read this before continuing


Whenever you install new apps from the Windows Store, remember to repeat this step so that the new apps can also redirect traffic to the local proxy server. If you don t, youll experience app crashes and messages of Please check your network connection.

12

5. Limitations
As I mentioned earlier, those apps which use protocols other than HTTP and HTTPS (like iMessage, Outlook and torrents) still wont work this way. Also, whatever sites Netmon has blocked (for example Rapidshare and Mediafire) still remain blocked because this isnt doing anything special just adding authentication to network requests.

6. Troubleshooting
In this section, I describe some common errors which can occur and how you can fix them. And yes, they shouldnt occur if you have followed all steps correctly a. The proxy server is refusing connections

This is the funniest error if you ask me. Go, run CCProxy!
https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society. b. CCProxy says This program requires elevation to run Run CCProxy as administrator and this should be done. c. The network icon shows an exclamation mark on the taskbar and Windows Store apps say they are offline. However, desktop applications like Firefox can connect to the Internet. So, this is a very serious error for which the solution is on the lines of jugaad. We have to fool Windows into thinking that network connectivity is fine. Now, remember attempt these steps only if the exclamation mark doesnt go after 2 or 3 minutes (thats the time it takes to realise the network is fine so have patience!). NOTE: The following steps have been written from the perspective of an Ethernet connection. For Wi-Fi, disconnect from the network and reconnect whenever it says the same for a LAN cable. First, try disconnecting and reconnecting the LAN cable. If this doesnt work, go to Internet Options and put netmon.iitb.ac.in for Address and 80 as Port under LAN settings of the Connections tab. Then run the netsh command in an administrative command prompt. Again, disconnect and reconnect the LAN cable. Make sure CCProxy is running all this while. Now, after some time, the exclamation mark will go away. When it does, change your proxy address back to your IP address and 808 as Port. And, run the netsh command. But, this time do NOT remove the LAN cable. If this also doesnt work, put netmon under proxy server address, run the netsh command and restart your PC. Then, once the exclamation mark goes away, again change your IP settings to your IP address with 808 as Port and run the netsh command.

13

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com

Pratyush Nalam. Technology. Environment. Inclusive Society.

7. Some Tips
So, now you want to connect your phone/tablet to the Internet. CCProxy makes this simple and avoids the hassle of configuring authentication on your mobile devices. So, if you have Connectify (get it from http://www.connectify.me) you can make your laptop into a personal hotspot. Once you have done this, connect your device to the hotspot. Then, find out its IP from the Connectify screen like this.

14

See the IP in that box? Now, go to CCProxys account settings, and just as you added your Ethernet connection to the list of users, add your device in the same way (refer Steps 6 and 7). Then, on your devices proxy settings, enter the proxy server address the one Connectify uses and not the one which your laptop is using to connect to the Internet. A short cut is to enter your devices IP but the 4th number is 1. So, in this example, it will be 192.168.68.1. And, enter 808 as Port. Voila! All done! The image on the next page shows this for my iPod.

https://www.facebook.com/pratnala https://twitter.com/PratNala http://in.linkedin.com/in/pratyushnalam

Pratyush Nalam. Technology. Environment. Inclusive Society.

This can similarly be done on other iOS devices and Windows Phones. For Android, you need to root it and use ProxyDroid. Another thing is about IP getting blocked frequently by Netmon. You might have observed this a lot before using CCProxy. Well, CCProxy ensures your IP is never blocked. So, you can use this on Windows 7 too! Just omit the part of running Loopback Utility.

15

8. Acknowledgements
I would like to thank the following people for letting me know of this method. a. Rugved Likhite for bringing this method to my notice in the first place without which Windows 8 was just like Windows 7 in a fancy dress competition. b. Youngzsoft Inc. for making this amazing software called CCProxy. Wish they made it for Mac OS X and Linux as well! c. Eric Lawrence for making the other very vital utility Loopback Utility without which everything we did would be useless. Thank you once again!

9. More questions? Feedback?


If you further have some nagging doubts or issues, feel free to contact me at pratyushnalam08@gmail.com, pratyushnalam@outlook.com or ping me on Facebook at https://www.facebook.com/pratnala.

http://www.cse.iitb.ac.in/~pratnala http://pratnala.wordpress.com pratyushnalam@outlook.com