?
Solved

Need to resolve only 2 subnets to use proxy using pac file

Posted on 2007-11-15
7
Medium Priority
?
1,066 Views
Last Modified: 2009-12-16
I am using a .pac file to auto config our browsers to use our proxy sever (ISA 2006). This is just a bandaid type fix until we upgrade our routers. (Budget reasons). Using Group Policy, I have forced the .pac file for users in specific containers in AD. The following script worked well.

function FindProxyForURL(url, host)
{
 if (isInNet(myIpAddress(), "192.168.0.0", "255.255.0.0"))
  return "PROXY 192.168.101.1:8080";
 else
  return "DIRECT";
}

Too well it seems. This causes a couple of problems. First, laptop users who try to access the internet at home are blocked if they use any type of router that assigns a 192.168.x.x address. Secondly, users who login at a different branch location are forced to use the proxy where we don't want them to.

So really, I only want users in 2 specific subnets to use the proxy, otherwise go direct. I edited the pac file, but I can't get it to work. Here is my code:

function FindProxyForURL(url, host)

{
 if ((isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0"))
     (isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")))
   
    return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}

Can anyone offer suggestions? I can't use the DNS or DHCP method since that would affect all users in the domain.

Thanks!
0
Comment
Question by:LTIADMIN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 18

Expert Comment

by:chuckyh
ID: 20290394
Why are users in a different branch in this same AD container?
0
 

Author Comment

by:LTIADMIN
ID: 20290444
They are not.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20292178
Where this file is located? On the local drives? We use it from internal http (web) server. So when people are outside, the browser cannot retrieve the script and goes directly. It's causing a short, couple of seconds delay before the initial page popes up and then everything is fine.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:LTIADMIN
ID: 20292258
Externally, I guess I could put it on an internal server, and try that. Though I would still like a coded solution to the pac file. Even internally, I need to specify the subnets to use.
0
 
LVL 11

Accepted Solution

by:
tvman_od earned 2000 total points
ID: 20292849
function FindProxyForURL(url, host)

{
 if (
         isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0")
     || isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")
)
   
 return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}
0
 

Author Comment

by:LTIADMIN
ID: 20299581
Perfect, that worked. Thanks.

I also tried using the pac file internally instead, but when clients connected remotely via vpn, it grabbed the script anyway.

This should save me some headaches temporarily.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20300357
It's not the best idea to run a vpn in the split mode. It saves some bandwidth but creates security issues. Generally the remote computer becomes a wide opened bridge to your internal network. It's up to you, but just FYI.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As dyndns has reduced the capabilities of the free service, I looked around for other free providers of Dynamic DNS service. After testing several I decided to move my DNS hosting to Hurricane Electric as then domains that require dynamic hostnam…
In this article, we’ll look at how to deploy ProxySQL.
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question