NxFilter Tutorial
Tutorial Index

NxProxy and Remote Filtering
NxFilter provides a remote filtering client software that is NxProxy. Once you install it on a user system, you can filter and monitor the internet activity from the user system regardless of user location.

You need to open TCP/80, TCP/443 port on NxFilter.

Globlist doesn't support NxProxy.

Install NxProxy on Windows
When you run its Windows installer, you will see its setup program (C:/Program Files/nxproxy/setup.exe) running. There are Server Address and Login Token parameters for you to set up with your own values.

On NxFilter, every user has a unique login token.

After you modify the config values, test your setup and then start it. You can see if it is working by viewing 'Logging > Agent Signal' on NxFilter GUI. There will be signals from NxProxy.

You can add multiple server IP addresses or domains separated by commas if you run a cluster of NxFilter.

Uninstall NxProxy on Windows
To prevent uninstalling by your user, NxProxy doesn't show its uninstaller on Add/Remove programs in Windows control panel. When you uninstall NxProxy, you need to do it manually with the following steps.

1. Run C:/Program Files/nxproxy/bin/unstsvc.bat.
2. Delete C:/Program Files/nxproxy' folder

Silent install on Windows
For those of you wanting to install NxProxy on multiple PCs using GPO or PDQ deployment, we have silent install options.

For silent install,

/silent : Runs the installer in silent mode (The progress window will be displayed).
/verysilent : Very silent mode. No windows will be displayed.

And you can specify Server Address and Login Token,


This is the final form of the command.

		nxproxy-1.0.1.exe /verysilent /server= /token=GKSYEJYG

Signals of NxProxy
We defined several signals with which you can find out what is happening on a user system. NxProxy sends these signals.

  • START : When NxProxy starts, it sends START signal to NxFilter.
  • STOP : When NxProxy stops, it sends STOP signal to NxFilter.
  • PING : NxProxy sends PING signal to NxFilter every 5 minutes.

You can view these signals on 'Logging > Agent Signal' on NxFilter GUI.

Fail-safe measure for NxProxy
When NxProxy can't connect to its server, it bypasses filtering temporarily before it gets the connection restored. This is because your users need to be able to use the internet anyway. If you use clustering, you can use multiple server addresses for redundancy.

Bypassing local domain
When you run NxProxy in your local network, you may need to bypass your local domain to your local DNS server. This is especially needed when you run NxProxy in an Active Directory environment. NxProxy is supposed to detect local DNS and AD domain automatically and bypass AD domain to the local DNS server. However, this automatic process doesn't work in some environment. In that case, you can set them up manually on 'Policy > NxProxy'.

Keeping static IP address
NxProxy needs to detect DNS server IP of the system it's running on. And it also needs to restore the DNS settings it changed when it stops. While doing that, it uses DHCP and it will change your system IP address. However, you may want to use a static IP for your system. In that case, you can set 'local_dns' parameter on 'C:/Program Files (x86)/nxproxy/conf/cfg.properties' file.

local_dns =

When you set 'local_dns' then it doesn't need to find its system DNS server by DHCP anymore.