diff --git a/content/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot.md b/content/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot.md index 57ad007ab5..61823c60a0 100644 --- a/content/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot.md +++ b/content/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot.md @@ -23,6 +23,8 @@ By default, {% data variables.product.prodname_copilot %} connects to {% data va Some networks use an HTTP proxy server to intercept Internet traffic before sending it to its intended location. Companies often use an HTTP proxy to detect suspicious traffic or restrict the content entering their networks. If you're working on a corporate network, you may need to configure {% data variables.product.prodname_copilot_short %} to connect via an HTTP proxy. +> [!NOTE] The administrator of your proxy server or firewall also needs to configure network settings for {% data variables.product.prodname_copilot_short %} to work as expected. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." + ## Configuring proxy settings for {% data variables.product.prodname_copilot %} {% data variables.product.prodname_copilot %} supports basic HTTP proxy setups. If you need to authenticate to a proxy, {% data variables.product.prodname_copilot %} supports basic authentication or authentication with Kerberos. If the proxy URL starts `https://`, the proxy is not currently supported. diff --git a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot.md b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot.md new file mode 100644 index 0000000000..8e7da918ae --- /dev/null +++ b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot.md @@ -0,0 +1,33 @@ +--- +title: Configuring your proxy server or firewall for Copilot +intro: 'You should allow certain traffic through your firewall or proxy server for {% data variables.product.prodname_copilot_short %} to work as intended.' +permissions: 'Proxy server maintainers or firewall maintainers' +product: '{% data reusables.gated-features.copilot %}' +versions: + feature: copilot +topics: + - Copilot +shortTitle: Allow Copilot traffic +--- + +If your company employs security measures like a firewall or proxy server, you should add the following URLs, ports, and protocols to an allowlist to ensure {% data variables.product.prodname_copilot_short %} works as expected: + +| Domain and/or URL | Purpose | +| :------------------------------------- | :--------------------------------- | +| `https://github.com/login/*` | Authentication | +| `https://api.github.com/user` | User Management | +| `https://api.github.com/copilot_internal/*` | User Management | +| `https://copilot-telemetry.githubusercontent.com/telemetry` | Telemetry | +| `https://default.exp-tas.com/` | Telemetry | +| `https://copilot-proxy.githubusercontent.com/` | API service for {% data variables.product.prodname_copilot_short %} suggestions | +| `https://origin-tracker.githubusercontent.com` | API service for {% data variables.product.prodname_copilot_short %} suggestions | +| `https://*.githubcopilot.com` | API service for {% data variables.product.prodname_copilot_short %} suggestions | + +Depending on the security policies and editors your organization uses, you may need to allowlist additional domains and URLs. For more information on specific editors, see "[Further reading](#further-reading)." + +Every user of the proxy server or firewall also needs to configure their own environment to connect to {% data variables.product.prodname_copilot_short %}. See "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-network-settings-for-github-copilot)." + +## Further reading + +* [Network Connections in {% data variables.product.prodname_vscode %}](https://code.visualstudio.com/docs/setup/network) in the {% data variables.product.prodname_vs %} documentation +* [Install and use {% data variables.product.prodname_vs %} and Azure Services behind a firewall or proxy server](https://learn.microsoft.com/en-us/visualstudio/install/install-and-use-visual-studio-behind-a-firewall-or-proxy-server) in the Microsoft documentation diff --git a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/index.md b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/index.md index 122d905202..6a984804bd 100644 --- a/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/index.md +++ b/content/copilot/managing-copilot/managing-github-copilot-in-your-organization/index.md @@ -12,6 +12,7 @@ topics: children: - /managing-the-copilot-subscription-for-your-organization - /setting-policies-for-copilot-in-your-organization + - /configuring-your-proxy-server-or-firewall-for-copilot - /managing-access-to-github-copilot-in-your-organization - /enhancing-copilot-for-your-organization --- diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md index daf568e0b8..b3c24e4f45 100644 --- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md +++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-enterprise.md @@ -24,9 +24,9 @@ Control which {% data variables.product.prodname_copilot_short %} features are a ## 3. Set up networking (if necessary) -If your enterprise users connect through an HTTP proxy server or firewall, ensure that [these URLs](/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot#urls-to-add-to-an-allowlist) are added to the allowlist for the proxy server or firewall. +If your enterprise users connect through an HTTP proxy server or firewall, ensure that key URLs are added to the allowlist for the proxy server or firewall. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." -You may also need to install custom SSL certificates on your users' machines. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot)." +You may also need to install custom SSL certificates on your users' machines. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot#installing-custom-certificates)." ## 4. Grant access to organizations diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md index 110cdd581b..7134fa17ad 100644 --- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md +++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-your-organization.md @@ -27,9 +27,9 @@ Control which {% data variables.product.prodname_copilot_short %} features are a ## 3. Set up networking (if necessary) -If your organization members connect through an HTTP proxy server or firewall, ensure that [these URLs](/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot#urls-to-add-to-an-allowlist) are added to the allowlist for the proxy server or firewall. +If your organization members connect through an HTTP proxy server or firewall, ensure that key URLs are added to the allowlist for the proxy server or firewall. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." -You may also need to install custom SSL certificates on your members' machines. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot)." +You may also need to install custom SSL certificates on your members' machines. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot#-installing-custom-certificates)." ## 4. Grant access to members diff --git a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself.md b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself.md index 1e098ac053..12aebdf67e 100644 --- a/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself.md +++ b/content/copilot/setting-up-github-copilot/setting-up-github-copilot-for-yourself.md @@ -28,9 +28,9 @@ If you want to use {% data variables.product.prodname_copilot_short %} in the co ## 4. Set up networking (if necessary) -If you connect through an HTTP proxy server or firewall, ensure that [these URLs](/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot#urls-to-add-to-an-allowlist) are added to the allowlist for the proxy server or firewall. +If you connect through an HTTP proxy server or firewall, ensure that key URLs are added to the allowlist for the proxy server or firewall. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." -You may also need to install a custom SSL certificate on your machine. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot)." +You may also need to install a custom SSL certificate on your machine. See "[AUTOTITLE](/copilot/managing-copilot/configure-personal-settings/configuring-network-settings-for-github-copilot#installing-custom-certificates)." ## 5. Configure settings (optional) diff --git a/content/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot.md b/content/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot.md index d46e0fadef..57eaacd6c5 100644 --- a/content/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot.md +++ b/content/copilot/troubleshooting-github-copilot/troubleshooting-firewall-settings-for-github-copilot.md @@ -8,30 +8,13 @@ topics: - Networking versions: feature: copilot -shortTitle: Firewall settings +shortTitle: Connectivity security settings --- -If you or your organization employs security measures like a firewall or proxy server, it may be beneficial to include certain domain URLs in an "allowlist" and open specific ports and protocols. Doing so will enhance your installation and usage of {% data variables.product.prodname_copilot_short %} for an optimal experience. +## About the problem -## URLs to add to an allowlist +If you or your company uses a firewall, {% data variables.product.prodname_copilot_short %} may not function as expected. {% data variables.product.prodname_copilot_short %} interacts with a remote machine learning model and checks for updates, and a firewall may block important traffic and degrade the user experience. -Due to {% data variables.product.prodname_copilot_short %}'s interaction with a remote machine learning model and its update-checking functionality, it is recommended to include the following domain URLs in the allowlist, marking them as trusted either in the user interface or within your deployment scripts. +## Solving the problem -| Domain and/or URL | Purpose | -| :------------------------------------- | :--------------------------------- | -| `https://github.com/login/*` | Authentication | -| `https://api.github.com/user` | User Management | -| `https://api.github.com/copilot_internal/*` | User Management | -| `https://copilot-telemetry.githubusercontent.com/telemetry` | Telemetry | -| `https://default.exp-tas.com/` | Telemetry | -| `https://copilot-proxy.githubusercontent.com/` | API service for {% data variables.product.prodname_copilot_short %} suggestions | -| `https://origin-tracker.githubusercontent.com` | API service for {% data variables.product.prodname_copilot_short %} suggestions | -| `https://*.githubcopilot.com` | API service for {% data variables.product.prodname_copilot_short %} suggestions | - -Additional domains and URLs may require allowlisting, depending on your organization's security policies and the editors in use. For more information about specific editors, see "[Further reading](#further-reading)." - -## Further reading - -* [Network Connections in {% data variables.product.prodname_vscode %}](https://code.visualstudio.com/docs/setup/network) -* [Install and use Visual Studio and Azure Services behind a firewall or proxy server](https://learn.microsoft.com/en-us/visualstudio/install/install-and-use-visual-studio-behind-a-firewall-or-proxy-server) -* "[AUTOTITLE](/get-started/using-github/troubleshooting-connectivity-problems)" +For an optimal {% data variables.product.prodname_copilot_short %} experience, you should create an "allowlist" that lets certain URLs, ports, and protocols through your firewall. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." diff --git a/content/copilot/troubleshooting-github-copilot/troubleshooting-network-errors-for-github-copilot.md b/content/copilot/troubleshooting-github-copilot/troubleshooting-network-errors-for-github-copilot.md index f0affb60b1..06f75212a5 100644 --- a/content/copilot/troubleshooting-github-copilot/troubleshooting-network-errors-for-github-copilot.md +++ b/content/copilot/troubleshooting-github-copilot/troubleshooting-network-errors-for-github-copilot.md @@ -47,6 +47,8 @@ If there is a problem with your proxy setup, you may see the following error: `{ If you know you are connecting via a proxy, make sure the proxy is configured correctly in your environment. For more information, see "[AUTOTITLE](/copilot/configuring-github-copilot/configuring-network-settings-for-github-copilot#configuring-proxy-settings-for-github-copilot)." +> [!NOTE] If you are an employee of a company with a proxy server, your company must also configure proxy settings for {% data variables.product.prodname_copilot_short %} at the company level. See "[AUTOTITLE](/copilot/managing-copilot/managing-github-copilot-in-your-organization/configuring-your-proxy-server-or-firewall-for-copilot)." + {% data variables.product.prodname_copilot %} uses custom code to connect to proxies. This means a proxy setup supported by your editor is not necessarily supported by {% data variables.product.prodname_copilot %}. Some common causes for errors related to proxies are: * If your proxy's URL starts `https://`, it is not currently supported by {% data variables.product.prodname_copilot %}.