Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 876
  • Last Modified:

WPAD and PAC Configuration in ISA 2006

Hello All,

I'd like to setup my environment to use the Auto configuration option in ISA 2006.
I've read a couple of articles, and I'm only getting confused here (Not hard at all really - being a noob...)

My situastion is as follows:
The domain is a Windows Server 2003 domain with workstations on Windows 2k and XP combined.
Workstations have IE 6 and IE7.
The ISA 2006 server is on Windows Server 2003, Internal network with one NIC configured.
This server should be a web proxy only server.

I have a lot of users that go off site and travel about (lucky pigs!)
At the moment they use an older ISA 2000 server as proxy server, wich is setup up through GP from AD.
This setting is only "Use Proxy server:  ISA2000" and port number.

I'd like to setup the new server to use Autoconfig in IE setting to point to the new ISA 2006 server, so that when users are not on my network, they can access the Internet directly, but when they are on my network, they have to use the proxy server.

I tried to use the Firewall Client app on my workstation, and it works, but for some reason it does not apply the network rules. I have URL set that blocks some sites, and when I use the ISA client, this does not work.

I'd like some help on how to manage this propperly.

Some questions:
Do I have to install the client software for the Autoconfig to work, or do I have to install the client software on all the workstations at all?
Can I use a pac file copied to all the workstations locally to point to the proxy server, tests if it can be accessed, and if not - go direct to the interent.

Thanks.
Ampletrix.

I'd like to setup autoconfig in IE to use the ISA server as a web proxy only.
0
Ampletrix
Asked:
Ampletrix
  • 3
  • 2
1 Solution
 
Raj-GTSystems EngineerCommented:
You don't need to install the firewall client if you are planning to use ISA as a proxy only server. And you certainly don't need to use any pac filess for proxy configuration either.

Just enable automatic proxy configuration in ISA, create a new A record in your DNS for wpad pointing to your ISA server and set IE to "Automatically detect proxy settings" (either manually or using a GPO) and that's that.
0
 
AmpletrixAuthor Commented:
Thanks Raj_GT,

I'm trying to configure the WPAD file as you suggested.
I've got the DNS entry in and the WPAD file on the wwwroot folder of my IIS server, but it's not grabing the right info from there.

I'll have a look for info on how to create my own wpad.dat config file.

Any info would be great!

Thanks again.

Ampletrix.
0
 
Raj-GTSystems EngineerCommented:
Your WPAD entry should actually point to the ISA Server. The ISA server will generate the WPAD.dat and WSPAD.dat files on the fly and supply to the clients upon request.

Once you have enabled automatic proxy configuration in ISA, tey browsing to http://isaservername/wapd.dat and you should get the file.
0
 
AmpletrixAuthor Commented:
Thanks Raj-GT,

You're actually helping me with the same issue on another quetsion I raised with EE.
Please continue to help me on that one, as it is the same issue.

When I open the http://ISA_Server/wpad.dat - it does not work, but when I open
http://ISA_Server:8080/wpad.dat it works, but it has to work on port 80 because I'm only using DNS to resolve.

Apologies for logging the same question twice. I confused myself with several issues wich were the same problem.

Ampletrix.
0
 
AmpletrixAuthor Commented:
I logged the same problem twice due to being an ID 10 T
Apologies to everyone for causing any inconvenience.

Ampletrix
0

Featured Post

When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now