Solved

Need to resolve only 2 subnets to use proxy using pac file

Posted on 2007-11-15
7
1,062 Views
Last Modified: 2009-12-16
I am using a .pac file to auto config our browsers to use our proxy sever (ISA 2006). This is just a bandaid type fix until we upgrade our routers. (Budget reasons). Using Group Policy, I have forced the .pac file for users in specific containers in AD. The following script worked well.

function FindProxyForURL(url, host)
{
 if (isInNet(myIpAddress(), "192.168.0.0", "255.255.0.0"))
  return "PROXY 192.168.101.1:8080";
 else
  return "DIRECT";
}

Too well it seems. This causes a couple of problems. First, laptop users who try to access the internet at home are blocked if they use any type of router that assigns a 192.168.x.x address. Secondly, users who login at a different branch location are forced to use the proxy where we don't want them to.

So really, I only want users in 2 specific subnets to use the proxy, otherwise go direct. I edited the pac file, but I can't get it to work. Here is my code:

function FindProxyForURL(url, host)

{
 if ((isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0"))
     (isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")))
   
    return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}

Can anyone offer suggestions? I can't use the DNS or DHCP method since that would affect all users in the domain.

Thanks!
0
Comment
Question by:LTIADMIN
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
7 Comments
 
LVL 18

Expert Comment

by:chuckyh
ID: 20290394
Why are users in a different branch in this same AD container?
0
 

Author Comment

by:LTIADMIN
ID: 20290444
They are not.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20292178
Where this file is located? On the local drives? We use it from internal http (web) server. So when people are outside, the browser cannot retrieve the script and goes directly. It's causing a short, couple of seconds delay before the initial page popes up and then everything is fine.
0
Guide to Performance: Optimization & Monitoring

Nowadays, monitoring is a mixture of tools, systems, and codes—making it a very complex process. And with this complexity, comes variables for failure. Get DZone’s new Guide to Performance to learn how to proactively find these variables and solve them before a disruption occurs.

 

Author Comment

by:LTIADMIN
ID: 20292258
Externally, I guess I could put it on an internal server, and try that. Though I would still like a coded solution to the pac file. Even internally, I need to specify the subnets to use.
0
 
LVL 11

Accepted Solution

by:
tvman_od earned 500 total points
ID: 20292849
function FindProxyForURL(url, host)

{
 if (
         isInNet(myIpAddress(), "192.168.101.0", "255.255.255.0")
     || isInNet(myIpAddress(), "192.168.103.0", "255.255.255.0")
)
   
 return "PROXY 192.168.101.1:8080";

 else
    return "DIRECT";
 
}
0
 

Author Comment

by:LTIADMIN
ID: 20299581
Perfect, that worked. Thanks.

I also tried using the pac file internally instead, but when clients connected remotely via vpn, it grabbed the script anyway.

This should save me some headaches temporarily.
0
 
LVL 11

Expert Comment

by:tvman_od
ID: 20300357
It's not the best idea to run a vpn in the split mode. It saves some bandwidth but creates security issues. Generally the remote computer becomes a wide opened bridge to your internal network. It's up to you, but just FYI.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Preface There are many applications where some computing systems need have their system clocks running synchronized within a small margin and eventually need to be in sync with the global time. There are different solutions for this, i.e. the W3…
Managing 24/7 IT Operations is a hands-on job and indeed a difficult one. Over the years I have found some simple tips and techniques to increase the efficiency of the overall operations. The core concept has always been on continuous improvement; a…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question