Solved

proxy.pac configuration

Posted on 2007-11-19
8
901 Views
Last Modified: 2009-07-29
Hi

Can someone please assist me with the creation of a proxy.pac file?

I need the following within the file, which will be stored on each user's pc & enforced by group policy:

* when a user is on our company's domain, I want every connection to the internet to go through the proxy server, except when the user is trying to access a handfull of sites (e.g. server1.ourcompany.com)

* when a user isn't on our domain (e.g. they have taken their laptop home), they need to access the internet without trying to go through our proxy server.

Thanks!

Ash
0
Comment
Question by:ashonline
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 2
8 Comments
 
LVL 4

Accepted Solution

by:
Beldoran earned 500 total points
ID: 20317366
In the wiki entry at http://en.wikipedia.org/wiki/Proxy_auto-config are some details on the things you can do.
About 2/3rds down the page is a Javascript example which could be modified to do what you want using the isInNet function. (the 'more complicated example')
0
 

Author Comment

by:ashonline
ID: 20324768
Thanks Beldoran, this will help me out.

Any ideas on the detection of whether the user's pc is on the domain or not?
0
 
LVL 4

Expert Comment

by:Beldoran
ID: 20324949
You can check for an IP range. I would assume that your domain has a defined/stable IP range?

or. If you use dhcp or/with particular dns servers you could also check these instead. That page had a reference to bunch of other functions which look interesting.

or. If your java programming is good you may be able to extract the domain name from the machine directly in the script. (My strength is vbscript in which it is trivial to do this, but that does not help here)
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 4

Assisted Solution

by:Beldoran
Beldoran earned 500 total points
ID: 20324995
Try this function,

dnsDomainIs(host,".mydomain.com")
0
 

Author Comment

by:ashonline
ID: 20337176
Hi Beldoran

Thanks for all your help with this.

Can you please advise on whether this proxy.pac file will be any good?

Thanks

Ash
function FindProxyForURL(url, host)
{
	var proxy_yes = "PROXY 192.168.0.129:8080";
	var proxy_no = "DIRECT";
 
	if (shExpMatch(url, "http://www.ourcompany.com*")) { return proxy_no; }
	if (shExpMatch(url, "http://www.anothercompany.com.au*")) { return proxy_no; }
 
	// Proxy if PC is on local LAN
	if (dnsDomainIs(host, ".ourcompany.com"))
		{ return proxy_yes; };
	else
		{ return proxy_no; };
}

Open in new window

0
 
LVL 4

Expert Comment

by:Beldoran
ID: 20337230
My Javascript is not that hot but it looks ok except for
http://www.ourcompany.com* may need to be http://www.ourcompany.com/*
same for http://www.anothercompany.com.au*

My reading of your script is that if it is going to www.ourcompany.com or www.anothercompany.com.au then there will be a direct connection. same for a host on .ourcompany.com. Everything else goes direct.
0
 
LVL 4

Assisted Solution

by:Beldoran
Beldoran earned 500 total points
ID: 20337283
I am using this page for a function reference
http://wp.netscape.com/eng/mozilla/2.0/relnotes/demo/proxy-live.html

From this I am not sure it will work as from the page above "host =
the hostname extracted from the URL. This is only for convenience..."
This means that it is the page that is being asked for not the actual host.

A possible solution is to add an entry in your internal DNS for (say) "internal" and use this function (may not by syntactically correct)

        if (isResolvable("http://internal.ourcompany.com"))
          { return proxy_yes; };
        else
          { return proxy_no; };

This means that if you can resolve this host you MUST be on the internal network so use the proxy otherwise go direct
0

Featured Post

Get MySQL database support online, now!

At Percona’s web store you can order your MySQL database support needs in minutes. No hassles, no fuss, just pick and click. Pay online with a credit card.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

626 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question