Improve company productivity with a Business Account.Sign Up

x
?
Solved

WPAD causing bypass for local addresses

Posted on 2010-08-26
7
Medium Priority
?
1,539 Views
Last Modified: 2012-08-14
We have a Forefront TMG array set up with WPAD set up using DHCP.

the machines are detecting this and using FTMG for all surfing.

We have set the "Bypass Proxy" set in FTMG as below.

Internal network properties
if the client machine attempts to browse to the IP address of an internal web server, it uses proxy to go there.. i.e. http://10.1.1.1/

if a client machine uses the fully qualified domain name to get to the web server, it uses proxy to get there.. i.e. http://webserver.company.local/

if a client machine uses the machine name without using the FQDN it bypasses proxy and goes direct. i.e. http://webserver/

My issue is that the client machines have no IP connectivity to the 10.1.1.1 server (and therefore whould go throug proxy)

I need all 3 routes to go through proxy.

Any suggestions?
0
Comment
Question by:Big_Steef
  • 4
  • 2
7 Comments
 
LVL 4

Accepted Solution

by:
vickzz earned 1000 total points
ID: 33530943
By Default if you try to browse Non- Contiguous or Non-FQDN web links from your browser it will not go to proxy.
So this behavior is by design
0
 
LVL 3

Author Comment

by:Big_Steef
ID: 33530983
Is there any way to force this traffic through proxy?
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33530997
One way to Install firewall Clients on machine. Is it possible in your environment?
0
Get expert help—faster!

Need expert help—fast? Use the Help Bell for personalized assistance getting answers to your important questions.

 
LVL 3

Author Comment

by:Big_Steef
ID: 33531169
It is now one of the options..

so as far as i see the issue, the options are:

1. use the fqdn
2. install firewall client on the pcs
3. open the firewall rules to the server

how would i configure the firewall client if we were to go along that route and would it cause any problems with laptops when they leave the network?

thanks
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33531381
I dont think so there should be an issue with Firewall Clients if laptops are leaving the network because Firewall Clients will detect the Automatic config in IE and work accordingly.
0
 
LVL 4

Expert Comment

by:vickzz
ID: 33531562
ISA Firewall Clients auto detect and sync with ISA if they are in Domain however if they are outside the network then they wont be able to find it so there will not be any issues.
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 1000 total points
ID: 33540685
This is a link to one of my previous articles here on using and writing the proxy.pac. It may be useful to you.

http://www.experts-exchange.com/Networking/Windows_Networking/Q_25769612.html

0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Microsoft's ISA Server has been its pre-eminent security product for about a decade and is still regarded amongst the well-informed as one of the best software firewalls and application gateways ever released, by any manufacturer. ISA Server has bee…
Common practice undertaken by most system administrators is to document the configurations and final solutions of anything performed by them for their future use and reference. So here I am going to explain how to export ISA Server 2004 Firewall pol…
Watch the video to learn how one can deal with PST file corruption issue with an outstanding Kernel for Outlook PST Repair Tool easily. Using this tool, non-technical users can swiftly perform the repair process to restore their essential data witho…
Watch the software video of Kernel Import PST to Office 365 tools which can easily import PST and OST files to Office 365 for bulk mailboxes. The process of migration is simple and user can map source and destination mailboxes and easily import data…

607 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question