Solved

proxy.pac configuration

Posted on 2007-11-19
8
899 Views
Last Modified: 2009-07-29
Hi

Can someone please assist me with the creation of a proxy.pac file?

I need the following within the file, which will be stored on each user's pc & enforced by group policy:

* when a user is on our company's domain, I want every connection to the internet to go through the proxy server, except when the user is trying to access a handfull of sites (e.g. server1.ourcompany.com)

* when a user isn't on our domain (e.g. they have taken their laptop home), they need to access the internet without trying to go through our proxy server.

Thanks!

Ash
0
Comment
Question by:ashonline
  • 5
  • 2
8 Comments
 
LVL 4

Accepted Solution

by:
Beldoran earned 500 total points
ID: 20317366
In the wiki entry at http://en.wikipedia.org/wiki/Proxy_auto-config are some details on the things you can do.
About 2/3rds down the page is a Javascript example which could be modified to do what you want using the isInNet function. (the 'more complicated example')
0
 

Author Comment

by:ashonline
ID: 20324768
Thanks Beldoran, this will help me out.

Any ideas on the detection of whether the user's pc is on the domain or not?
0
 
LVL 4

Expert Comment

by:Beldoran
ID: 20324949
You can check for an IP range. I would assume that your domain has a defined/stable IP range?

or. If you use dhcp or/with particular dns servers you could also check these instead. That page had a reference to bunch of other functions which look interesting.

or. If your java programming is good you may be able to extract the domain name from the machine directly in the script. (My strength is vbscript in which it is trivial to do this, but that does not help here)
0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 4

Assisted Solution

by:Beldoran
Beldoran earned 500 total points
ID: 20324995
Try this function,

dnsDomainIs(host,".mydomain.com")
0
 

Author Comment

by:ashonline
ID: 20337176
Hi Beldoran

Thanks for all your help with this.

Can you please advise on whether this proxy.pac file will be any good?

Thanks

Ash
function FindProxyForURL(url, host)
{
	var proxy_yes = "PROXY 192.168.0.129:8080";
	var proxy_no = "DIRECT";
 
	if (shExpMatch(url, "http://www.ourcompany.com*")) { return proxy_no; }
	if (shExpMatch(url, "http://www.anothercompany.com.au*")) { return proxy_no; }
 
	// Proxy if PC is on local LAN
	if (dnsDomainIs(host, ".ourcompany.com"))
		{ return proxy_yes; };
	else
		{ return proxy_no; };
}

Open in new window

0
 
LVL 4

Expert Comment

by:Beldoran
ID: 20337230
My Javascript is not that hot but it looks ok except for
http://www.ourcompany.com* may need to be http://www.ourcompany.com/*
same for http://www.anothercompany.com.au*

My reading of your script is that if it is going to www.ourcompany.com or www.anothercompany.com.au then there will be a direct connection. same for a host on .ourcompany.com. Everything else goes direct.
0
 
LVL 4

Assisted Solution

by:Beldoran
Beldoran earned 500 total points
ID: 20337283
I am using this page for a function reference
http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

From this I am not sure it will work as from the page above "host =
the hostname extracted from the URL. This is only for convenience..."
This means that it is the page that is being asked for not the actual host.

A possible solution is to add an entry in your internal DNS for (say) "internal" and use this function (may not by syntactically correct)

        if (isResolvable("http://internal.ourcompany.com"))
          { return proxy_yes; };
        else
          { return proxy_no; };

This means that if you can resolve this host you MUST be on the internal network so use the proxy otherwise go direct
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

If your business is like most, chances are you still need to maintain a fax infrastructure for your staff. It’s hard to believe that a communication technology that was thriving in the mid-80s could still be an essential part of your team’s modern I…
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

679 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question