Security

I read in 8.6 user guide and saw note that user cannot configure this settings.

So how to configure? 

End-user would like to user proxy for guest and tried to fill in form but error while summiting.

Please advice to configure this.

Can you please put a reference to what configuration option you are trying to do?

What I could find is an option to let the captive portal run via a proxy server (with remarks on certificate challenges) as well as on the same page there is an option to redirect common proxy ports (8000/8080/8081) for guests in the captive portal role. The last one is to support clients that are configured to use a proxy on port 8000/8080 or 8081.

If you want to run all guest traffic through a proxy, you should configure your proxy in transparent mode, make sure that the guest traffic is routed through that transparent proxy, and you don't need to do anything on the controller. Running an explicit proxy requires client-side configuration (or support for WPAD), which in practice doesn't work for guest networks.

I don't have more information about proxy configuration right now. 

My customer needs all guest traffic though the proxy.

Please advice.

If you want to run all guest traffic through a proxy, you should configure your proxy in transparent mode, make sure that the guest traffic is routed through that transparent proxy, and you don't need to do anything on the controller. Running an explicit proxy requires client-side configuration (or support for WPAD), which in practice doesn't work for guest networks.

So get a transparent proxy for this scenario.