Solved

WPAD configuration for wireless clients only

Posted on 2008-11-01
3
1,420 Views
Last Modified: 2012-05-05
We have published a wpad.dat script for Proxy settings on our wireless network.  The script is working fine with directing traffic through our internal proxy for internet traffic and directly for intranet traffic and appears underneath.  

My issues are: I need to be able to make this wpad script come into effect only for my wireless clients and NOT the wired ones.

For example, if my wireless clients get DHCP from subnets, say; 10.100.10.*, 10.100.20.* and 10.100.30.*; only they should be able to access the proxy and NOT anyone else across my 10.100.*.* network even though, wpad.dat is available to all others via the IIS 6 publishing it.

Also, I have a few exception entries in my Proxy settings which I configure regularly via 'Do Not use proxy server for addresses begining with':;

How should I configure these within my wpad scripting? The addresses are both IP and host/dns names.
Pls advise!!
function FindProxyForURL(url, host)
{ if (isPlainHostName(host))
return "DIRECT";
else
return "PROXY 'my proxy ip':80";
}

Open in new window

0
Comment
Question by:fahim
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 6

Expert Comment

by:matjm
ID: 22861006
Hi there,

There are two ways to acheive this - Either by publishing different WPAD settings to wired and wireless clients, or as you have mentioned, configuring the condition in the wpad.dat file itself.

You can use this syntax to process conditions based on the source IPs of the clients: -

if (isInNet(host, "192.168.0.0", "255.255.255.0")) { return "DIRECT"; }
if (isInNet(host, "192.168.1.0", "255.255.255.0")) { return "PROXY MYPROXY:PORT"; }

This would obviously pass any IPs on 192.168.0.x through directly to the internet, but would redirect IPs from 192.168.1.x through to the proxy.
0
 

Author Comment

by:fahim
ID: 22868372
Thanks for the reply Mat. You said that I can publish diffrent WPAD settings to wired and wireless networks. How do I do that? My DHCP server serving wireless is NOT a windows server and is internal to my Wireless Controller device whose APs are thin clients (Nortel implementation). So I cannot use the Option 252 entry of DHCP on my wireless clients.

Wired clients have the normal Windows DNS/DHCP though. Having given an "A" entry on my DNS for WPAD hosting machine, I have made sure that wpad hosting IIS is resolvable from both my wired and wireless clients.

Second, you stated that for my 'exception' in the proxy I use the DIRECT return. If I need to mention DNS/hostnames instead of IPs, what would be my line? Also, some of the stuff is hosted internally and the resolution of those DNS.WINS names should neither go directly or indirectly to the Internet realm. How do I define those entries?

Thanks in advance!!

0
 
LVL 6

Accepted Solution

by:
matjm earned 500 total points
ID: 22871593
Using DNS instead of DHCP is fine, so long as you follow the standards (file is called wpad.dat, wpad and wpad.domain resolve correctly, etc.)

The WPAD snippet I posted above will do the seperation of your clients based on the subnets they are in - Normally you'd do this via DHCP, but as this isn't an option you can do it this way.

So basically you just punch in all of your subnets for your clients, and then specify either a proxy or direct connection for each subnet.

Regarding exceptions, I've actually written an article on WPAD a little while back which goes through different types of exceptions - http://techblog.mirabito.net.au/?p=21

Let me know if there's anything I haven't explained properly, or misunderstood.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Today sees the launch of a new case study, focusing on BYOD technologies we have been working with for some time now.  But with the advent of 802.11ac wireless technologies and the story behind our landmark developments, we would like to share this …
DECT technology has become a popular standard for wireless voice communication. DECT devices are not likely to be affected by other electronic devices and signals because they operate in a separate frequency-band.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this fifth video of the Xpdf series, we discuss and demonstrate the PDFdetach utility, which is able to list and, more importantly, extract attachments that are embedded in PDF files. It does this via a command line interface, making it suitable …

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question