Need to resolve only 2 subnets to use proxy using pac file

I am using a .pac file to auto config our browsers to use our proxy sever (ISA 2006). This is just a bandaid type fix until we upgrade our routers. (Budget reasons). Using Group Policy, I have forced the .pac file for users in specific containers in AD. The following script worked well.

function FindProxyForURL(url, host)
{
 if (isInNet(myIpAddress(), "192.168.0.0", "255.255.0.0"))
  return "PROXY 192.168.101.1:8080";
 else
  return "DIRECT";
}

Too well it seems. This causes a couple of problems. First, laptop users who try to access the internet at home are blocked if they use any type of router that assigns a 192.168.x.x address. Secondly, users who login at a different branch location are forced to use the proxy where we don't want them to.

So really, I only want users in 2 specific subnets to use the proxy, otherwise go direct. I edited the pac file, but I can't get it to work. Here is my code:

function FindProxyForURL(url, host)

{
 if ((isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0"))
     (isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")))
   
    return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}

Can anyone offer suggestions? I can't use the DNS or DHCP method since that would affect all users in the domain.

Thanks!
LTIADMINAsked:
Who is Participating?
 
tvman_odConnect With a Mentor Commented:
function FindProxyForURL(url, host)

{
 if (
         isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0")
     || isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")
)
   
 return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}
0
 
chuckyhCommented:
Why are users in a different branch in this same AD container?
0
 
LTIADMINAuthor Commented:
They are not.
0
IT Degree with Certifications Included

Aspire to become a network administrator, network security analyst, or computer and information systems manager? Make the most of your experience as an IT professional by earning your B.S. in Network Operations and Security.

 
tvman_odCommented:
Where this file is located? On the local drives? We use it from internal http (web) server. So when people are outside, the browser cannot retrieve the script and goes directly. It's causing a short, couple of seconds delay before the initial page popes up and then everything is fine.
0
 
LTIADMINAuthor Commented:
Externally, I guess I could put it on an internal server, and try that. Though I would still like a coded solution to the pac file. Even internally, I need to specify the subnets to use.
0
 
LTIADMINAuthor Commented:
Perfect, that worked. Thanks.

I also tried using the pac file internally instead, but when clients connected remotely via vpn, it grabbed the script anyway.

This should save me some headaches temporarily.
0
 
tvman_odCommented:
It's not the best idea to run a vpn in the split mode. It saves some bandwidth but creates security issues. Generally the remote computer becomes a wide opened bridge to your internal network. It's up to you, but just FYI.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.