A way to bypass access rules, that work fine with any browser, is
reported and checked. A user installed WinGate, configured it to go
"thru HTTP proxy with SSL tunelling support" to our proxy:port, set
his browser to his Wingate as proxy and ignores any filters at the
organizational proxy. The latter is configured most simply: NW51SP5,
BM36sp2a, only HTTP proxy at a private address, a site
reverse-proxied, no auth yet, Craig's proxy.cfg, April revision, with
a correction to make Windows updates possible. I didn't find anything
in the BM settings concerning SSL tunelling support.

Any ideas? Thanks in advance.