Solved

WPAD causing bypass for local addresses

Posted on 2010-08-26
7
1,518 Views
Last Modified: 2012-08-14
We have a Forefront TMG array set up with WPAD set up using DHCP.

the machines are detecting this and using FTMG for all surfing.

We have set the "Bypass Proxy" set in FTMG as below.

Internal network properties
if the client machine attempts to browse to the IP address of an internal web server, it uses proxy to go there.. i.e. http://10.1.1.1/

if a client machine uses the fully qualified domain name to get to the web server, it uses proxy to get there.. i.e. http://webserver.company.local/

if a client machine uses the machine name without using the FQDN it bypasses proxy and goes direct. i.e. http://webserver/

My issue is that the client machines have no IP connectivity to the 10.1.1.1 server (and therefore whould go throug proxy)

I need all 3 routes to go through proxy.

Any suggestions?
0
Comment
Question by:Big_Steef
  • 4
  • 2
7 Comments
 
LVL 4

Accepted Solution

by:
vickzz earned 250 total points
ID: 33530943
By Default if you try to browse Non- Contiguous or Non-FQDN web links from your browser it will not go to proxy.
So this behavior is by design
0
 
LVL 3

Author Comment

by:Big_Steef
ID: 33530983
Is there any way to force this traffic through proxy?
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33530997
One way to Install firewall Clients on machine. Is it possible in your environment?
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 
LVL 3

Author Comment

by:Big_Steef
ID: 33531169
It is now one of the options..

so as far as i see the issue, the options are:

1. use the fqdn
2. install firewall client on the pcs
3. open the firewall rules to the server

how would i configure the firewall client if we were to go along that route and would it cause any problems with laptops when they leave the network?

thanks
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33531381
I dont think so there should be an issue with Firewall Clients if laptops are leaving the network because Firewall Clients will detect the Automatic config in IE and work accordingly.
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33531562
ISA Firewall Clients auto detect and sync with ISA if they are in Domain however if they are outside the network then they wont be able to find it so there will not be any issues.
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
ID: 33540685
This is a link to one of my previous articles here on using and writing the proxy.pac. It may be useful to you.

http://www.experts-exchange.com/Networking/Windows_Networking/Q_25769612.html

0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
can ping yahoo.com but can't browse to via IE 5 72
ActiveSync issues 16 149
Resolving a public IP to a domain name 9 95
Most secure between box, dropbox, sync and cubby 3 73
I have been asked to explain on many, many occasions the correct way to setup network cards and DNS settings on ISA Server 2004, 2006 and forefront Threat management gateway (FTMG) and have willing done so. I have also promised my self everytime tha…
In all versions of ISA Server and the current version of FTMG, the default https protocol uses TCP port 443 and 563 only. This cannot be changed within the ISA or FTMG GUI and must be completed from a Windows cmd prompt on the ISA Server itself. …
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question