Err_cert_authority_invalid


  • Err_cert_authority_invalid

    When I check the "Enable User Authentication" checkbox in the Setup menu, I am getting the ERR_CERT_AUTHORITY_INVALID error instead of the login page in browsers. How can this be fixed? I am using the latest NxFilter installed on a Debian system.

    Thank you

  • #2
    That is your browser problem. Google started forcing people to use SSL and the result is that we get SSL error instead of login page. The best solution is to use single sign-on. There are many ways of implementing SSO with NxFilter. Probably the easiest way of it would be installing CxLogon to your client PC. https://nxfilter.org/tutorial/c-sso-by-cxlogon.php


    • #3
      I tried CxLogon. It created the user, and I assigned unrestricted policies and groups to the user, but it still filters out the content for an Android phone. Also, is there a client for Linux?


      • #4
        Create a default user linked to your network IP range. If you use the 192.168.0.0 network, create a user associating 192.168.0.1 ~ 192.168.0.255. There's CxLogon for Android. Is it not working for you?

        We don't have CxLogon for Linux. We didn't have much request for it so far. We provide a way of making a custom login script for Linux and other OS though. https://nxfilter.org/tutorial/c-custom-login-script.php

        For Android and other Wi-Fi devices, you can have 802.1x user authentication with NxFilter. https://nxfilter.org/tutorial/c-sso-by-802-1x.php

        Anyway, think about using the methods above first.


        • #5
          When you have a default user linked to the IP range covering your network and one of your users needs to log in with a different username to have an elevated access permission, he can access the NxFilter login page directly. If your server is on 192.168.0.100,

          http://192.168.0.100/block,login.jsp

          In the old days, you could access it using Login Domain on 'Config > Setup' but with Google's HTTPS forcing decision, you will get an HTTPS error. If you want to avoid having an SSL warning for these domains,

          Login Domain, Logout Domain, Admin Domain

          You can install your own multi-domain SSL certificate. What you need is a JKS file and its password. https://nxfilter.org/tutorial/i-faq.php#custom-ssl


          • #6
            We may have an alias for the login page URL in future. Something like 'http://192.168.0.100/login'. It's more accessible for your users. Maybe you can make it a start page for your users. When they start their browser, they can login. Still not so easy to be compared to when we were just forwarded to the login page automatically.


            • #7
              Thank you. What should I set in this case at the System/Setup: should I check the "Enable User Authentication" checkbox and also the "Disable Login Redirection" checkbox? Also, is there a "logout" URL too?


              • #8
                Just 'Enable User Authentication'. Don't disable login redirection. Who knows there's a time when Google changes their mind after realizing that they don't make too much money out of this HTTPS thing.

                For logout, http://192.168.0.100/block,login.jsp?actionFlag=logout

                And what's your desktop Linux? Is it Ubuntu? If we have enough requests for Linux version CxLogon, we can go for it. However, there're too many Linux variations. That's the problem for Linux.
                Last edited by support200; 04-27-2022, 01:06 AM.


                • #9
                  Yes, my Linux is Ubuntu, which seems to be the most popular when comparing Google Trends for keyword searches. I noticed that the user login and/or login redirection sometimes interferes with zoom.us and some banks, not letting them run even in the absence of policies restricting them. So, I disabled the login redirection and it seems to work now, but I am not sure if it was the cause of the errors with these web sites.


                  • #10
                    How many Ubuntu desktop systems do you have?

                    OK. If you need to disable it, you can disable it. Do you use Edge or Chrome? We may add a feature for CxForward to forward users who are not logged in to the NxFilter login page. There's a guy saying that they switched to Edge. I guess it's better as you already have Edge if it's Windows.

                    CxForward is our extension for showing block page on HTTPS block redirection.


                    • #11
                      We looked into this problem again and we will add some solutions to the problem.

                      1. We will add an alias for easy access to the login page. It will be http://192.168.0.100/login.

                      2. We will add the auto login redirection function to CxForward. If you install CxForward into your Edge or Chrome, it will be working as old days. When you try to access some websites while you are not logged-in, you will be forwarded to NxFilter login page.

                      3. CxForward will be able to recognize Login Domain and Logout Domain. They will be working as before.

                      So, your Linux and desktop problem will be solved by installing CxForward v1.0.7 and NxFilter v4.6.1.2. For mobile devices, the best one would be 802.1x and the next to the best would be accessing the login page by typing your server IP address and the alias. Your users may have it as a link on their home screen?

                      Maybe someday, we can run a Chrome extension on the mobile version of Chrome and its derivatives including Edge. Then everything's working. But we have a serious problem with Google's Chrome Web Store. They rejected the CxForward update while MS Store updated it right away. This problem happened several years ago with another Chrome extension and that made us stop developing anything with Chrome extensions.

                      You can't trust these people. They rejected it this time for us mimicking some other extension which has 0 user while CxForward is having more than 7000 users. Actually, once it had more users than that. We just abandoned it for Google problem. If you use Edge, that'd be OK. But for Chrome, I don't know if we can solve this problem again. Last time, we even thought about reporting it to some government organization for abusing market dominant power.

                      Anyway, we will see how it goes.


                      • #12
                        Thank you for making it work better. I have one more issue that I could not solve so far: when I enable the User Authentication, my Unifi wifi network fails to work with new clients, I am not sure why. Probably it still redirects somewhere. Without the user authentication and with similar category restrictions, it works.


                        • #13
                          Did you make the default user for your network? Try that first.


                          • #14
                            When I enable the default user with IP coverage of .1-.255, it prevents other IP users from working. So, when the default user is enabled, no other IP-based user works. Also, if the policy of the default user restricts web sites, most of the services, including Unifi Wifi, do not work well. So, at this point I think the User functionality does not seem to work well or I do not understand how it works. The only way I found to use NxFilter is to avoid the DHCP assignment of NxFilter's DNS by default and configure each client where the DNS restrictions are needed individually.


                            • #15
                              Which policy did you assign to your default user? If it has the same policy as other users, everything should be the same. And you still can have a different policy for other users. Read this,

                              https://nxfilter.org/tutorial/c-auth...precedence.php

                              Single IP association comes before IP range association. And if there's something not working even if they are logged-in then there's something blocked by your policy mostly.

                              And lastly, User Functionality works fine. You can read User Reports from https://nxfilter.org/forum/usage-reports and see them using AD integration and all kinds of user authentication methods.
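
The precedence rule stated in post #15 (a single-IP association is matched before an IP-range association), applied to the default-user setup from posts #4 and #14. This is an added example, not part of the original thread and not NxFilter's code; the user names, the `a ~ b` range syntax and the first-listed-range tie-break are assumptions.

```python
import ipaddress

# Constructed sample associations (hypothetical user names and syntax).
ASSOCIATIONS = [
    ("default", "192.168.0.1 ~ 192.168.0.255"),
    ("admin-laptop", "192.168.0.50"),
    ("kids-tablet", "192.168.0.77"),
]


def parse_association(text):
    """Return (first, last) addresses; a single IP yields first == last."""
    parts = [p.strip() for p in text.split("~")]
    first = ipaddress.ip_address(parts[0])
    last = ipaddress.ip_address(parts[-1])
    if len(parts) > 2 or first.version != last.version or last < first:
        raise ValueError(f"bad association: {text!r}")
    return first, last


def resolve_user(client_ip, associations=ASSOCIATIONS):
    """Map a client IP to (user, match_kind); single-IP matches win over ranges."""
    ip = ipaddress.ip_address(client_ip)
    range_hit = None
    for user, text in associations:
        first, last = parse_association(text)
        if ip.version != first.version:
            continue
        if first == last:
            if ip == first:
                return user, "single"  # exact match ends the search
        elif first <= ip <= last and range_hit is None:
            range_hit = user  # assumption: first listed range wins among ranges
    return (range_hit, "range") if range_hit else (None, None)


def audit(client_ips, associations=ASSOCIATIONS):
    """Show which user, and which kind of association, each client falls under."""
    return {ip: resolve_user(ip, associations) for ip in client_ips}


if __name__ == "__main__":
    for ip, result in audit(["192.168.0.50", "192.168.0.200", "10.0.0.5"]).items():
        print(ip, result)
```

Running the audit over the DHCP lease list shows which clients fall through to the default user's policy, which is the policy to check when a device such as a Wi-Fi controller stops working after authentication is enabled.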
