PAC file for proxy autoconfig across a WAN
We currently use WPAD and it works fine, but our network department wants to change to use a PAC file on a BlueCoat (BC) using an autoconfig script. We need PC's in one region to use one BC and PC's in another region to use another. They asked me to create a DNS file that will change the IP of the hostname depending on the region. I do not know if this is possible. If it is, that would be cool.
So then he asked about putting the BC's behind an F5 which we only have at one location. Seems this would not be too effective since we do not have an F5 Cluster across the WAN. But we could go this route if we wanted to change.
Do you have any ideas for me? They are being persistent, we are happy with WPAD so would like to hear your ideas of the Pros and Cons of WPAD through IIS rather than PAC file through autoconfig script. ..and any way to do this better. Cluster the Bluecoats across the WAN possibly?
We have IE, Chrome and Firefox.
Thank you.
So then he asked about putting the BC's behind an F5 which we only have at one location. Seems this would not be too effective since we do not have an F5 Cluster across the WAN. But we could go this route if we wanted to change.
Do you have any ideas for me? They are being persistent, we are happy with WPAD so would like to hear your ideas of the Pros and Cons of WPAD through IIS rather than PAC file through autoconfig script. ..and any way to do this better. Cluster the Bluecoats across the WAN possibly?
We have IE, Chrome and Firefox.
Thank you.
ASKER
Yea, what they want to have is one autoconfig script for all locations which is easy enough in terms of the contents of the PAC file. What confuses me is how we can have the same hostname for all the Bluecoats without a cluster. Each Bluecoat has a different IP and must stay that way.
Your BC in site 1 might have 1.1.1.1 and the DNS in site 1 will resule to this IP and in site 2 the BC ip 2.2.2.2 should be resolved by the site 2 DNS. 1.1.1.1 should only be routable within site 1. Keep the hostname same in both the sites.
ASKER
If I could do that, great. How do I do that with DNS? It is 2008 Server R2 and the DNS servers overseas replicate with my america DNS servers. Originally you told me I could not do this with DNS
Like i said, both DNS will have same entry. but the IP address should not be routable across the two sites
ASKER
Yea, that is not really a solution. We are a good size enterprise and looking for a more solid solution. Maybe I will contact BlueCoat directly and see what they recommend.
Then the only option is use of PAC files.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
No real help. He was telling me something I already did. I was looking for the alternate. Just delete this entire chain out.
Else use PAC file and mention in it saying that if traffic from Region1 LAN - Use BC 1, if host IP from Region 2 LAN - Use BC 2
Examples of PAC can be found here
http://www.findproxyforurl.com/pac_file_examples.html