Proxy PAC file not working

Hi Experts.

I am trying to configure a PAC file to set up the proxy settings on our company. Basically the goal is to force the use of the proxy to all users when either the laptop is connected to the corporate site network (IP ranges 172.16.2.0/255.255.255.0) or the laptop is connected to the corporate VPN (IP range 10.251.0.0/255.255.248.0), while not configuring any proxy at all for any other connections (including local host).

I am starting from the basics, basically trying to get the proxy PAC file to work locally on my laptop, and then I will deploy it to the rest of users using WPAD/GPOs. Later on, also, I will work to include some other exceptions to the target hosts. But first I need to get this working from the basics.

But I am having some weird problem on this first test: if I configure the PAC file just to identify the VPN IP range and to configure the Proxy, then the PAC file is used correctly and it kicks off the proxy settings. This is the code used (the code that WORKS fine):

#####################################################

function FindProxyForURL(url, host)
{
      if ((host =="infoproxy.domain.com"))
            {
                  alert("Local IP address is: " + myIpAddress());
            }
      if ((host == "localhost") ||
      (shExpMatch(host, "localhost.*")) ||
      (host == "127.0.0.1"))
            {
                  return "DIRECT";
            }
      if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0"))
            {
                  return "PROXY 145.47.86.151:8080";
            }
      else
            {
                  return "DIRECT";
            }
}

###################################################

So that is fine, it detects when I am directly connected to Internet (no proxy is used) and when I connect to the VPN, the proxy is used.

But when I move forward and I add one more line of code to include one IP range from the office network, so the PAC file could identify a new IP range to configure the proxy, then the PAC file stops working, and I had not been able to figure out what I am missing (bad scripting??).

This is the PAC file code that does NOT work at all:

#######################################################
function FindProxyForURL(url, host)
{
      if ((host =="infoproxy.domain.com"))
            {
                  alert("Local IP address is: " + myIpAddress());
            }
      if ((host == "localhost") ||
      (shExpMatch(host, "localhost.*")) ||
      (host == "127.0.0.1"))
            {
                  return "DIRECT";
            }
      if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0")) ||
      if (isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))
            {
                  return "PROXY 145.47.86.151:8080";
            }
      else
            {
                  return "DIRECT";
            }
}

######################################################

Please notice that I am testing all this while working remotely, so there is NO corporate network IP assigned to my laptop at any time during the test. I am just switching from "DIRECTLY INTERNET (DSL)" to "VPN" modes, and the first script perfectly works for this scenario. As soon as I make the script change to add one more line "if (isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))", the script basically stops working, so when I am connected "DIRECTLY INTERNET (DSL)" I do have access to Internet, but when I connect to the VPN the Internet browsing is not working and I have noticed  (by checking the VPN local firewall logs) that this is because the traffic is trying to reach directly the web site without using the proxy -not allowed on the local FW-, so the PAC file is NOT working at all. Actually, as you can see, I added  the code:

#####################
if ((host =="infoproxy.domain.com"))
            {
                  alert("Local IP address is: " + myIpAddress());
            }
######################

so I could check which IP the PAC file was detecting by just browsing to "infoproxy.domain.com", but this feature just does not work when the new IP range is added to the script, it looks like the whole PAC file is simply ignored.

Any clue? Thanks in advance.
HUSATechAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

HUSATechAuthor Commented:
After some double checks, I thought the error was here:

if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0")) ||
if (isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))

I thought the "if" on the second line was not supposed to be there, but after removing it, the script still is not working.

What I did then was splitting this part of the code on two different blocks, so the complete script is:

############################################
function FindProxyForURL(url, host)
{

      if ((host =="infoproxy.domain.com"))
            {
                  alert("Local IP address is: " + myIpAddress());
            }
      if ((host == "localhost") ||
      (shExpMatch(host, "localhost.*")) ||
      (host == "127.0.0.1"))
            {
                  return "DIRECT";
            }
      if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0"))
            {
                  return "PROXY 145.47.86.151:8080";
            }
      if (isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))
            {
                  return "PROXY 145.47.86.151:8080";
            }
      else
            {
                  return "DIRECT";
            }
}


############################################

And surprisingly, this WORKS.

But I am still wondering why the use of the "||" switch makes my original script to fail. Also, I am not sure if this workaround of splitting the code on blocks for each subnet that I want to include on the proxy configuration, would have some performance impact on the browser when going through the script.

Any suggestion would be appreciated. Thanks again, guys.
0
irf44zCommented:
You cannot connect If statements with ||. It is the conditions within the IF statements that should be connected with ||.

Please replace
  if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0")) ||
  if (isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))

WITH

  if (isInNet(myIpAddress(), "10.251.0.0", "255.255.248.0") || isInNet(myIpAddress(), "172.16.2.0", "255.255.255.0"))
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HUSATechAuthor Commented:
Thanks irf44z, that worked perfectly.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Anti-Virus Apps

From novice to tech pro — start learning today.