PowerShell is a task-oriented command line shell and scripting environment developed by Microsoft designed to control numerous activities on Windows operating systems. Among its primary functions is the ability to perform proxy configuration. The command line and its ability to run such tasks enhances the automation and ease of the central management of network settings of devices on the domain.
The main advantage of configuring a proxy server using PowerShell as compared to other common methods is that it does not require a graphical interface since it directly alters the internet connection settings. This feature is particularly useful for system administrators who need to monitor proxy server settings on various devices since they will be able to quickly change the settings and add them into other scripts that are already automated for more efficiency.
You can configure a proxy server in PowerShell in several ways: by using netsh to configure the WinHTTP service, by changing registry values with Set-ItemProperty, or by setting parameters directly in Invoke-WebRequest and curl for a specific script. Each method has its own scope and impact on the system.
| Method | Level | Applies to | Advantages | Limitations |
|---|---|---|---|---|
| netsh | System | Services, system agents, WinHTTP-based apps | Changes global WinHTTP settings, supports mass deployment, works with GPO | Does not affect WinInet clients and browsers, no support for proxies that require authentication |
| Registry (HKCU) | User | Browsers, desktop apps | Supports authentication (username/password), works with user-level Group Policy, affects all WinInet-based applications | Changes apply only to the current user |
| Invoke-WebRequest and curl | Script | PowerShell scripts and individual HTTP requests | Lets you set proxy, authentication, and bypass list per request, flexible per-session configuration | Does not change system-wide settings, you must explicitly pass proxy parameters in every request |
The right method depends on where you need the intermediary configuration to apply and which components use it.
The sections below show step-by-step examples of how to configure a proxy using each of these methods.
The netsh command is embedded into Windows OS and serves a lot of purposes. One of the functions that can be performed by this command is configuring intermediary settings in relation to the WinHTTP service. This allows the user to change the way system services operate rather than changing proxies within applications or browsers that support different types of networks.
It is important to emphasize that the use of the netsh command in PowerShell is limited to proxies that use IP authorization and not to intermediaries that require login credentials.
Here’s how you can configure it using PowerShell:
PHP
Node.js
Python
Java
Golang
en 
Español 
中國人 
Tiếng Việt 
Deutsch 
Українська 
Português 
Français 
भारतीय 
Türkçe 
한국인 
Italiano 
Gaeilge 
اردو 
Indonesia 
Polski netsh winhttp set proxy IP-address:portTo view current settings such as address and port use:
netsh winhttp show proxyTo remove it:
netsh winhttp reset proxyTo configure list bypass proxy Powershell, use:
netsh winhttp set proxy proxy-server="82.211.9.150:50100" bypass-list="localhost;*.internal.net"If you do not want to manually enter credentials, you can import them from your browser:
netsh winhttp import proxy source=ieWinHTTP can import configuration only from Internet Explorer (or from the Windows system settings that are tied to it).
Such tracing can also be useful for system administrators. It shows which proxy is used for system HTTP requests and helps diagnose connection errors or incorrect configuration. To enable logging, run:
netsh winhttp set tracing C:\Logs\winhttp.logTo check whether tracing is enabled and logs are being written correctly, run:
netsh winhttp show tracingProxy settings may be managed centrally in PowerShell by configuring the registry system manually. This method impacts any programs that use the Windows system to manage their network settings, which includes nearly all web browsers.
For adding such settings that do not require any authorization, you can apply the following PowerShell commands:
Set-ItemProperty -Path “HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings” -Name ProxyServer -Value "IP-address:port”
Set-ItemProperty -Path “HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings” -Name ProxyEnable -Value 1If you use a private proxy solution with credentials, PowerShell proxy authentication is need to be configured:
$proxyAddress = "http://IP address:port"
# Here we specify the address of the required proxy server
$credentials = Get-Credential
# You will be prompted to input the username and password with this command
[system.net.webrequest]::DefaultWebProxy = New-Object system.net.webproxy($proxyAddress)
# Creates a new proxy object with the specified address
[system.net.webrequest]::DefaultWebProxy.Credentials = $credentials
# Apply the credentials previously input to the proxyTo add bypass proxy PowerShell, use:
Set-ItemProperty -Path “HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings” -Name ProxyOverride -Value “localhost;*.exempl.com”If you would like to turn off the proxy settings use the following command:
Set-ItemProperty -Path “HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings” -Name ProxyEnable -Value 0For system administrators, Invoke-WebRequest and curl are useful when you need precise proxy control for individual requests or scripts without changing global settings. This is convenient for connectivity tests, script debugging, checking access to region-specific resources, and automating tasks where you must pass proxy parameters, authentication, and a bypass list for a particular HTTP call.
To execute a single web request through a proxy:
$proxy = New-Object System.Net.WebProxy("http://IP-address:port")
Invoke-WebRequest -Uri "https://example.com" -Proxy $proxyTo run a web request through an authenticated proxy:
$proxy = New-Object System.Net.WebProxy("http://IP-address:port")
$proxy.Credentials = Get-Credential
Invoke-WebRequest -Uri "https://example.com" -Proxy $proxyTo force a direct connection over the local network:
Invoke-WebRequest -Uri "https://example.com" -NoProxyYou cannot “turn off” a proxy globally with this method. All parameters are scoped to the current session or request, and everything is reset after the script finishes.
By default, PowerShell treats curl as an alias for Invoke-WebRequest, not as the native curl.exe binary bundled with or installed on Windows. To run the standard curl tool, use curl.exe; PowerShell will then execute the actual executable instead of redirecting the call to Invoke-WebRequest.
Below are examples of configuring an intermediate HTTP/SOCKS solution with curl.exe.
Simple HTTP proxy request:
curl.exe -x http://82.211.9.160:8100 https://example.comProxy with basic authentication (user:pass):
curl.exe -x http://82.211.9.160:8100 --proxy-user user:pass https://example.comForced NTLM authentication:
curl.exe -x http://82.211.9.160:8080 --proxy-user DOMAIN\user:pass --proxy-ntlm https://example.comSOCKS5 proxy configuration:
curl.exe --socks5-hostname 82.211.9.160:1080 https://example.comBypassing the proxy for a list of hosts (bypass list equivalent):
curl.exe -x http://82.211.9.160:8080 --noproxy “localhost,*.internal.net” https://example.comCalling curl from a script with variables:
$proxy = "http://82.211.9.160:8080"
curl.exe -x $proxy --proxy-user $env:PROXY_USER:$env:PROXY_PASS https://example.comIf the intermediary server is unavailable or connections are unstable, you first need to determine where the problem occurs: at the system level, user level, or within a specific script. PowerShell makes it easy to inspect the current settings, run test requests, and reset configuration if necessary.
To check the current user-level proxy settings and see whether the new connection is enabled and which address is in use:
Get-ItemProperty -Path "HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings" | Select-Object ProxyServer, ProxyEnableFor services and applications that use WinHTTP, run the following to see whether a system-level proxy is set and whether automatic configuration is in use (PAC file or WPAD):
netsh winhttp show proxyTo test whether a resource is reachable on a given port:
Test-NetConnection -ComputerName "example.com" -Port 80If the connection cannot be established, try another port or address.
To verify that HTTP requests work through the configured proxy:
Invoke-WebRequest -Uri "https://example.com" -Proxy "http://IP:port" -UseBasicParsingThis command helps you see the connection status and returns any error in case authentication fails.
You can also check whether environment variables override system settings:
echo $env:HTTP_PROXY
echo $env:NO_PROXYIf you run into issues when connecting through the new IP, review all configuration details and make sure the data you received from the provider is valid and the proxy endpoint is reachable.
PowerShell offers a centralized, reliable way to manage network infrastructure and access policies. From the console, you can define and automate proxy configuration and control network connections at the system, user, and service levels. This reduces the risk of manual configuration errors, improves transparency, and simplifies administration in corporate environments.
These capabilities are useful for system administrators, DevOps engineers, and security teams – from enforcing unified network policies to integrating new IPs into CI/CD pipelines and cloud infrastructure.
This means the new connection requires authentication, but PowerShell did not provide valid credentials or did not accept them. For example, when you use Invoke-WebRequest, you may need to specify the -ProxyCredential parameter.
There are two common reasons: either the application uses a different network stack (for example, WinHTTP instead of WinInet), or the target address is included in the bypass list, so it deliberately skips the proxy.
For a single request, use the -NoProxy parameter with Invoke-WebRequest or Invoke-RestMethod. This bypasses the system proxy only for the current call without editing the registry or WinHTTP configuration:
Invoke-WebRequest -Uri "https://example.com" -NoProxy
Comments: 0