Solved

Need to resolve only 2 subnets to use proxy using pac file

Posted on 2007-11-15
7
1,049 Views
Last Modified: 2009-12-16
I am using a .pac file to auto config our browsers to use our proxy sever (ISA 2006). This is just a bandaid type fix until we upgrade our routers. (Budget reasons). Using Group Policy, I have forced the .pac file for users in specific containers in AD. The following script worked well.

function FindProxyForURL(url, host)
{
 if (isInNet(myIpAddress(), "192.168.0.0", "255.255.0.0"))
  return "PROXY 192.168.101.1:8080";
 else
  return "DIRECT";
}

Too well it seems. This causes a couple of problems. First, laptop users who try to access the internet at home are blocked if they use any type of router that assigns a 192.168.x.x address. Secondly, users who login at a different branch location are forced to use the proxy where we don't want them to.

So really, I only want users in 2 specific subnets to use the proxy, otherwise go direct. I edited the pac file, but I can't get it to work. Here is my code:

function FindProxyForURL(url, host)

{
 if ((isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0"))
     (isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")))
   
    return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}

Can anyone offer suggestions? I can't use the DNS or DHCP method since that would affect all users in the domain.

Thanks!
0
Comment
Question by:LTIADMIN
  • 3
  • 3
7 Comments
 
LVL 18

Expert Comment

by:chuckyh
ID: 20290394
Why are users in a different branch in this same AD container?
0
 

Author Comment

by:LTIADMIN
ID: 20290444
They are not.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20292178
Where this file is located? On the local drives? We use it from internal http (web) server. So when people are outside, the browser cannot retrieve the script and goes directly. It's causing a short, couple of seconds delay before the initial page popes up and then everything is fine.
0
How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

 

Author Comment

by:LTIADMIN
ID: 20292258
Externally, I guess I could put it on an internal server, and try that. Though I would still like a coded solution to the pac file. Even internally, I need to specify the subnets to use.
0
 
LVL 11

Accepted Solution

by:
tvman_od earned 500 total points
ID: 20292849
function FindProxyForURL(url, host)

{
 if (
         isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0")
     || isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")
)
   
 return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}
0
 

Author Comment

by:LTIADMIN
ID: 20299581
Perfect, that worked. Thanks.

I also tried using the pac file internally instead, but when clients connected remotely via vpn, it grabbed the script anyway.

This should save me some headaches temporarily.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20300357
It's not the best idea to run a vpn in the split mode. It saves some bandwidth but creates security issues. Generally the remote computer becomes a wide opened bridge to your internal network. It's up to you, but just FYI.
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now