One option is to update the device to a later device software which features improved proxy support.

The other option is to create a rule in the firewall that should be configured so that all calls over https (port 443) to the cloud server address are allowed:  (replace x and y with your unique cloud server address). All URL's to the address should be allowed.