WPAD configuration for wireless clients only

We have published a wpad.dat script for Proxy settings on our wireless network.  The script is working fine with directing traffic through our internal proxy for internet traffic and directly for intranet traffic and appears underneath.  

My issues are: I need to be able to make this wpad script come into effect only for my wireless clients and NOT the wired ones.

For example, if my wireless clients get DHCP from subnets, say; 10.100.10.*, 10.100.20.* and 10.100.30.*; only they should be able to access the proxy and NOT anyone else across my 10.100.*.* network even though, wpad.dat is available to all others via the IIS 6 publishing it.

Also, I have a few exception entries in my Proxy settings which I configure regularly via 'Do Not use proxy server for addresses begining with':;

How should I configure these within my wpad scripting? The addresses are both IP and host/dns names.
Pls advise!!
function FindProxyForURL(url, host)
{ if (isPlainHostName(host))
return "DIRECT";
else
return "PROXY 'my proxy ip':80";
}

Open in new window

fahimAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

matjmCommented:
Hi there,

There are two ways to acheive this - Either by publishing different WPAD settings to wired and wireless clients, or as you have mentioned, configuring the condition in the wpad.dat file itself.

You can use this syntax to process conditions based on the source IPs of the clients: -

if (isInNet(host, "192.168.0.0", "255.255.255.0")) { return "DIRECT"; }
if (isInNet(host, "192.168.1.0", "255.255.255.0")) { return "PROXY MYPROXY:PORT"; }

This would obviously pass any IPs on 192.168.0.x through directly to the internet, but would redirect IPs from 192.168.1.x through to the proxy.
0
fahimAuthor Commented:
Thanks for the reply Mat. You said that I can publish diffrent WPAD settings to wired and wireless networks. How do I do that? My DHCP server serving wireless is NOT a windows server and is internal to my Wireless Controller device whose APs are thin clients (Nortel implementation). So I cannot use the Option 252 entry of DHCP on my wireless clients.

Wired clients have the normal Windows DNS/DHCP though. Having given an "A" entry on my DNS for WPAD hosting machine, I have made sure that wpad hosting IIS is resolvable from both my wired and wireless clients.

Second, you stated that for my 'exception' in the proxy I use the DIRECT return. If I need to mention DNS/hostnames instead of IPs, what would be my line? Also, some of the stuff is hosted internally and the resolution of those DNS.WINS names should neither go directly or indirectly to the Internet realm. How do I define those entries?

Thanks in advance!!

0
matjmCommented:
Using DNS instead of DHCP is fine, so long as you follow the standards (file is called wpad.dat, wpad and wpad.domain resolve correctly, etc.)

The WPAD snippet I posted above will do the seperation of your clients based on the subnets they are in - Normally you'd do this via DHCP, but as this isn't an option you can do it this way.

So basically you just punch in all of your subnets for your clients, and then specify either a proxy or direct connection for each subnet.

Regarding exceptions, I've actually written an article on WPAD a little while back which goes through different types of exceptions - http://techblog.mirabito.net.au/?p=21

Let me know if there's anything I haven't explained properly, or misunderstood.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Forefront ISA Server

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.