diff --git a/app/controllers/proxy_controller.rb b/app/controllers/proxy_controller.rb
index c53091128..648ee795b 100644
--- a/app/controllers/proxy_controller.rb
+++ b/app/controllers/proxy_controller.rb
@@ -7,6 +7,8 @@ class ProxyController < ApplicationController
   def test
     url = 'http://zammad.org'
     options = params
+      .permit(:proxy, :proxy_username, :proxy_password, :proxy_no)
+      .to_h
     options[:open_timeout] = 12
     options[:read_timeout] = 24
     begin
diff --git a/lib/user_agent.rb b/lib/user_agent.rb
index b2479fc5b..7d2af693b 100644
--- a/lib/user_agent.rb
+++ b/lib/user_agent.rb
@@ -342,7 +342,7 @@ returns
   def self.set_basic_auth(request, options)
 
     # http basic auth (if needed)
-    if options[:user] && options[:user] != '' && options[:password] && options[:password] != ''
+    if options[:user].present? && options[:password].present?
       request.basic_auth options[:user], options[:password]
     end
     request
diff --git a/spec/requests/proxy_spec.rb b/spec/requests/proxy_spec.rb
new file mode 100644
index 000000000..e42af718d
--- /dev/null
+++ b/spec/requests/proxy_spec.rb
@@ -0,0 +1,72 @@
+require 'rails_helper'
+
+RSpec.describe 'Manage > Settings > System > Network', type: :request do
+
+  let(:group) { create(:group) }
+  let!(:admin) do
+    create(:admin, groups: [Group.lookup(name: 'Users'), group])
+  end
+  let(:proxy) { ENV['ZAMMAD_PROXY'] }
+  let(:proxy_username) { ENV['ZAMMAD_PROXY_USERNAME'] }
+  let(:proxy_password) { ENV['ZAMMAD_PROXY_PASSWORD'] }
+  let(:valid_params) do
+    {
+      proxy:          proxy,
+      proxy_username: proxy_username,
+      proxy_password: proxy_password
+    }
+  end
+
+  describe 'request handling' do
+
+    it 'does proxy settings - valid params' do
+      authenticated_as(admin)
+
+      post '/api/v1/proxy', params: valid_params, as: :json
+
+      expect(json_response['result']).to eq('success')
+    end
+
+    context 'when proxy settings uses invalid config' do
+
+      it 'with invalid proxy' do
+        authenticated_as(admin)
+        params = valid_params.merge({ proxy: 'invalid_proxy' })
+
+        post '/api/v1/proxy', params: params, as: :json
+
+        expect(json_response['result']).to eq('failed')
+      end
+
+      it 'with unknown proxy' do
+        authenticated_as(admin)
+        params = valid_params.merge({ proxy_password: 'proxy.example.com:3128' })
+
+        post '/api/v1/proxy', params: params, as: :json
+
+        expect(json_response['result']).to eq('failed')
+
+      end
+
+      it 'with invalid proxy username' do
+        authenticated_as(admin)
+        params = valid_params.merge({ proxy_password: 'invalid_username' })
+
+        post '/api/v1/proxy', params: params, as: :json
+
+        expect(json_response['result']).to eq('failed')
+
+      end
+
+      it 'with invalid proxy password' do
+        authenticated_as(admin)
+        params = valid_params.merge({ proxy_password: 'invalid_password' })
+
+        post '/api/v1/proxy', params: params, as: :json
+
+        expect(json_response['result']).to eq('failed')
+      end
+    end
+
+  end
+end
diff --git a/spec/support/vcr.rb b/spec/support/vcr.rb
index db218e1a2..f71d62542 100644
--- a/spec/support/vcr.rb
+++ b/spec/support/vcr.rb
@@ -1,4 +1,4 @@
-VCR_IGNORE_MATCHING_HOSTS = %w[zammad.com google.com elasticsearch selenium login.microsoftonline.com].freeze
+VCR_IGNORE_MATCHING_HOSTS = %w[zammad.com google.com elasticsearch selenium login.microsoftonline.com zammad.org].freeze
 VCR_IGNORE_MATCHING_REGEXPS = [/^192\.168\.\d+\.\d+$/].freeze
 
 VCR.configure do |config|
diff --git a/spec/system/settings/proxy_spec.rb b/spec/system/settings/proxy_spec.rb
new file mode 100644
index 000000000..dff8df964
--- /dev/null
+++ b/spec/system/settings/proxy_spec.rb
@@ -0,0 +1,109 @@
+require 'rails_helper'
+
+RSpec.describe 'Manage > Settings > System > Network', type: :system do
+
+  before { visit 'settings/system' }
+
+  let(:proxy) { ENV['ZAMMAD_PROXY'] }
+  let(:proxy_username) { ENV['ZAMMAD_PROXY_USERNAME'] }
+  let(:proxy_password) { ENV['ZAMMAD_PROXY_PASSWORD'] }
+
+  describe 'configure proxy setting' do
+
+    it 'test proxy settings with correct config' do
+
+      within(:active_content) do
+        click(:href, '#network')
+
+        fill_in 'proxy',            with: proxy
+        fill_in 'proxy_username',   with: proxy_username
+        fill_in 'proxy_password',   with: proxy_password
+        click_on 'Test Connection'
+
+        expect(page).to have_button('Test Connection', visible: :hidden, wait: 5)
+        expect(page).to have_button('Submit', visible: :visible, wait: 5)
+
+        find('.js-submit:not(.hide)').click
+
+        expect(page).to have_button('Submit', visible: :hidden, wait: 5)
+        expect(page).to have_button('Test Connection', visible: :visible, wait: 5)
+      end
+    end
+
+    context 'test proxy settings when invalid config is used' do
+
+      it 'with invalid proxy' do
+
+        within(:active_content) do
+          click(:href, '#network')
+
+          fill_in 'proxy',            with: 'invalid_proxy'
+          fill_in 'proxy_username',   with: proxy_username
+          fill_in 'proxy_password',   with: proxy_password
+          click_on 'Test Connection'
+
+          expect(page).to have_css('h1.modal-title', text: 'Error', wait: 5)
+          expect(page).to have_css('div.modal-body', text: /Invalid proxy address/, wait: 5)
+          expect(page).to have_button('Test Connection', visible: :visible, wait: 5)
+          expect(page).to have_button('Submit', visible: :hidden, wait: 5)
+
+        end
+      end
+
+      it 'with unknown proxy' do
+
+        within(:active_content) do
+          click(:href, '#network')
+
+          fill_in 'proxy',            with: 'proxy.example.com:3128'
+          fill_in 'proxy_username',   with: proxy_username
+          fill_in 'proxy_password',   with: proxy_password
+          click_on 'Test Connection'
+
+          expect(page).to have_css('h1.modal-title', text: 'Error', wait: 5)
+          expect(page).to have_css('div.modal-body', text: /Failed to open TCP connection/, wait: 5)
+          expect(page).to have_button('Test Connection', visible: :visible, wait: 5)
+          expect(page).to have_button('Submit', visible: :hidden, wait: 5)
+
+        end
+      end
+
+      it 'with invalid proxy username' do
+
+        within(:active_content) do
+          click(:href, '#network')
+
+          fill_in 'proxy',            with: proxy
+          fill_in 'proxy_username',   with: 'invalid_username'
+          fill_in 'proxy_password',   with: proxy_password
+          click_on 'Test Connection'
+
+          expect(page).to have_css('h1.modal-title', text: 'Error', wait: 5)
+          expect(page).to have_css('div.modal-body', text: /Access Denied/, wait: 5)
+          expect(page).to have_button('Test Connection', visible: :visible, wait: 5)
+          expect(page).to have_button('Submit', visible: :hidden, wait: 5)
+
+        end
+      end
+
+      it 'with invalid proxy password' do
+
+        within(:active_content) do
+          click(:href, '#network')
+
+          fill_in 'proxy',            with: proxy
+          fill_in 'proxy_username',   with: proxy_username
+          fill_in 'proxy_password',   with: 'invalid_password'
+          click_on 'Test Connection'
+
+          expect(page).to have_css('h1.modal-title', text: 'Error', wait: 5)
+          expect(page).to have_css('div.modal-body', text: /Access Denied/, wait: 5)
+          expect(page).to have_button('Test Connection', visible: :visible, wait: 5)
+          expect(page).to have_button('Submit', visible: :hidden, wait: 5)
+
+        end
+      end
+    end
+
+  end
+end