Why is my program sending 'Anonymous IP Packets' and how do I stop that? Why is my program sending 'Anonymous IP Packets' and how do I stop that? curl curl

Why is my program sending 'Anonymous IP Packets' and how do I stop that?


What they mean is your app has to authenticate with the firewall. That link provides a wealth of information concerning the TMG product. Your client probably has this configuration:

Require users to authenticate whenever they request Web access. Every Web session requires authentication.

When using this method, note the following:

Anonymous Web access is disabled.

Forefront TMG requests user credentials and validates them before it checks the request against the Firewall policy. If users fail to authenticate, their access request is denied.

This method is defined per network. Most non-interactive clients, such as, the Windows Update client, cannot authenticate, and are therefore denied access.

So when the user opens their web browser and tries to access a web page, they'll get a pop-up window asking for credentials because the firewall has intercepted their web request and sent its own authentication page. When the user authenticates, the firewall passes web traffic.

Your automated app does not authenticate with the firewall, so the firewall drops packets and your traffic is classified as anonymous.

Sorry, I don't know the solution on how to make your application authenticate with the firewall. If your app goes to specific URLs, the site operators could whitelist them.

According to this page, you should be getting error 407: proxy authentication required from curl. Try adding these options to the curl initialization, but you still have the problem of asking the user for their network credentials interactively:

CURLOPT_HTTPAUTH: add CURLAUTH_NTLMCURLOPT_PROXYAUTH: add CURLAUTH_NTLMset CURLOPT_FOLLOWLOCATION


There is no such thing as an 'anonymous packet' in standard networking parlance. Your client's firewall is making up terms, or there was a miscommunication somewhere along the line before the message got to you. Either way, you're going to need to get clarification from your client or the firewall's vendor or documentation.


I agree with bdonlan. In the context of http requests, "anonymous packets" is vague and ambiguous at best. Maybe they mean there is no referrer code? Or they require http-authentication? Or you need to establish a session key before being able to access the specific url you are requesting? You need actual technical details from your client.