Solved

WPAD causing bypass for local addresses

Posted on 2010-08-26
7
1,516 Views
Last Modified: 2012-08-14
We have a Forefront TMG array set up with WPAD set up using DHCP.

the machines are detecting this and using FTMG for all surfing.

We have set the "Bypass Proxy" set in FTMG as below.

Internal network properties
if the client machine attempts to browse to the IP address of an internal web server, it uses proxy to go there.. i.e. http://10.1.1.1/

if a client machine uses the fully qualified domain name to get to the web server, it uses proxy to get there.. i.e. http://webserver.company.local/

if a client machine uses the machine name without using the FQDN it bypasses proxy and goes direct. i.e. http://webserver/

My issue is that the client machines have no IP connectivity to the 10.1.1.1 server (and therefore whould go throug proxy)

I need all 3 routes to go through proxy.

Any suggestions?
0
Comment
Question by:Big_Steef
  • 4
  • 2
7 Comments
 
LVL 4

Accepted Solution

by:
vickzz earned 250 total points
Comment Utility
By Default if you try to browse Non- Contiguous or Non-FQDN web links from your browser it will not go to proxy.
So this behavior is by design
0
 
LVL 3

Author Comment

by:Big_Steef
Comment Utility
Is there any way to force this traffic through proxy?
0
 
LVL 4

Expert Comment

by:vickzz
Comment Utility
One way to Install firewall Clients on machine. Is it possible in your environment?
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 
LVL 3

Author Comment

by:Big_Steef
Comment Utility
It is now one of the options..

so as far as i see the issue, the options are:

1. use the fqdn
2. install firewall client on the pcs
3. open the firewall rules to the server

how would i configure the firewall client if we were to go along that route and would it cause any problems with laptops when they leave the network?

thanks
0
 
LVL 4

Expert Comment

by:vickzz
Comment Utility
I dont think so there should be an issue with Firewall Clients if laptops are leaving the network because Firewall Clients will detect the Automatic config in IE and work accordingly.
0
 
LVL 4

Expert Comment

by:vickzz
Comment Utility
ISA Firewall Clients auto detect and sync with ISA if they are in Domain however if they are outside the network then they wont be able to find it so there will not be any issues.
0
 
LVL 51

Assisted Solution

by:Keith Alabaster
Keith Alabaster earned 250 total points
Comment Utility
This is a link to one of my previous articles here on using and writing the proxy.pac. It may be useful to you.

http://www.experts-exchange.com/Networking/Windows_Networking/Q_25769612.html

0

Featured Post

Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

Join & Write a Comment

Suggested Solutions

Title # Comments Views Activity
EMAIL BANNER 8 25
Windows XP and blocking external Internet only 6 200
DNS, networking 17 100
Need recommendation for a DNS host provider. 3 62
Forefront Threat Management Gateway 2010 or FTMG comes with some very neat troubleshooting tools built-in when trying to identify what is actually happening behind the scenes within the product when traffic is passing through its interfaces. To the …
Configuring network clients can be a chore, especially if there are a large number of them or a lot of itinerant users.  DHCP dynamically manages this process, much to the relief of users and administrators alike!
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Access reports are powerful and flexible. Learn how to create a query and then a grouped report using the wizard. Modify the report design after the wizard is done to make it look better. There will be another video to explain how to put the final p…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now