Most corporations have a forward proxy to channel all traffic from devices on the intranet to the internet, for various security reasons.
When the device is on the internet, I suppose the proxy is not used. Does the browser "try" to connect to proxy configured in the browser, if it can't connect it bypasses the proxy & goes directly to internet?
Proxy settings in the browser usually do not depend on the environment. They might use a hostname though as the proxy server which might resolve to different IP addresses depending on the environment (internet vs. intranet). They might also use a PAC file which dynamically sets up the actual proxy to use or allow direct access depending on target and environment.
Apart from that in many environments no explicit proxy settings are used in the first place and instead all outgoing traffic from the company network is simply is routed through some transparent proxy (usually as part of firewall of NGFW) or deep packet inspection.
It is also very common that the outside device will be connected into the company network using a VPN and in this case use the same logic for content inspection no matter if it is inside or outside the company network. A more recent approach is to use cloud based resources for content inspection no matter if inside or outside the company network. Various vendors offer here managed SWG (Secure Web Gateway) and also controlled access to company resources via cloud.
And then there are ways were no actual content inspection is done in the first place but the filtering is done using DNS, i.e. potentially bad domains simply do not get resolved to their real IP which results in denied access. There are also multiple vendors in this area and also various free offerings.
I checked the HTTP Trace, the only diff. I see is the public IP vs corporate n/w IP in the headers - this is for a page which I can access from both intranet and internet.
– Nemophile Mar 28 '22 at 06:23