Proxy settings show correct setting but are using a different setting

We have two locations.  Both have a proxy server.  I work one day at one location, and the next at the other location.

When I move between the locations, I set the Internet Settings > connections > Lan > proxy to the correct locations proxy.

Location 1:  proxy.location1.com   resolves to (192.168.100.46)
Location 2:  proxy.location2.com   resolves to (192.168.1.46)

What is happening is that while at Location1, I found that I am actually routing to the Proxy at Location 2.
I have confirmed that my proxy settings is for Location 1.
I have confirmed on my laptop that the proxy.location1.com resolves to the correct ip address (192.168.100.46)

Does anyone know why  it would be using the other proxy setting, but everything shows the correct proxy setting?
HCSHAWAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

skullnobrainsCommented:
i assume those setting are in your browser. most likely you did not restart the browser. it is also possible that you have setup an OS-level proxy so your browser actually uses proxy1 but reaches it through proxy2 because of the OS-level setup
0
HCSHAWAuthor Commented:
The browser was restarted at the time of the issue.   The settings were confirmed as correct.   Yet when tested, it would still go through Proxy2, not 1 as the settings was saying.   You say OS-Level.  How do I check that?
0
skullnobrainsCommented:
browser restarted ? unless the browser was killed manually using the task manager you cannot be sure. also note that shutting down a windows 8 machine actually hibernates it so no process are actually killed when you stop+restart it.

how to check for something OS-level ? first tell us which os we are dealing with. i can infer windows + internet explorer given your question but nothing more
0
Introducing the "443 Security Simplified" Podcast

This new podcast puts you inside the minds of leading white-hat hackers and security researchers. Hosts Marc Laliberte and Corey Nachreiner turn complex security concepts into easily understood and actionable insights on the latest cyber security headlines and trends.

HCSHAWAuthor Commented:
Yes, it is windows 7.  Chrome or IE, both have the same issue.
0
skullnobrainsCommented:
"Internet Settings > connections > Lan" does not apply to chrome

this means that you either have some acquired proxy settings maybe through wpad or a similar mechanism on the site, or a system wide proxy.

you can check for os-level proxies using "netsh winhttp show proxy" from the command line (and equivalent command if it happens to be some other kind of proxy such as socks proxy)
0
skullnobrainsCommented:
btw, how did you determine you were using the wrong proxy ? network sniffer ?
0
HCSHAWAuthor Commented:
I was opening up a site on location 1 proxy while in that local network.  I could not connect to the site.   My proxy settings pointed to the location 1 proxy.  

I opened up the site on the location 2 proxy and found that I could now access the site.   I was being routed to the other subnet and out their proxy.  

"Internet > connections > lan" do apply to chrome as well.  I control users internet access with a global policy that forces the connections to the local proxy for internet traffic.    Firefox will allow you to bypass the group policy settings but chrome recognizes them.

Netsh ... reports Direct access (no proxy server)   .  However it is set up in Internet settings > Connections > lan.
0
skullnobrainsCommented:
your explanation regarding the use of a proxy or another is very unclear to me. "open the site on the location 2 proxy"... the same WEBsite as previously ? open a site on a proxy ?


""Internet > connections > lan" do apply to chrome as well"
yes, i was mistaken

"I control users internet access with a global policy that forces the connections to the local proxy for internet traffic"
can you elaborate ? are we talking about a GPO ? if so, it is very likely that the gpo has a higher priority than whatever you can configure manually. if you're talking about a firewall or router redirection/interception, whatever was setup also won't apply.

"Netsh ... reports Direct access (no proxy server)   .  However it is set up in Internet settings > Connections > lan. "
this is expected behavior. netsh gives information regarding os-level proxy while internet setting is supposed to be application-level
0
HCSHAWAuthor Commented:
Gpo points users to the proxy.  
They are set to not allow changing the proxy settings. A seperate Gpo for me also points me but allows me to overide the setting.

The firewall sends internet traffic to the proxy which then passes it to the user and vice versa.  User sends traffic to firewall which passes to internet.


Stating the issue another way.   My laptop was using the location 2 proxy when set to use location 1.   We use dans guardian as a filter.   The proxy (squid) and DG are the same machine.  Traffic goes to squid then is checked by DG.  The DG allows me to bypass filtering of a site.  

While at location 1 and set to use the Proxy/DG of location 1 I found a site that was being blocked.  I added the site to DG as a safe site.   I then tried again to connect to the site.  No go.  Blocked.   Out of courisity I then added the site to the location 2 DG. I tried to access again and was allowed to the site.  

Besides tracert , is there an easy way to trace the route that a machine is taking to the website?  We do not have allowed ping response turned on so trace route comes back with incomplete data.  

Thanks
0
skullnobrainsCommented:
tracert is meant to debug basic ip routing and your issue resides elsewhere

The firewall sends internet traffic to the proxy which then passes it to the user and vice versa.  User sends traffic to firewall which passes to internet.

if the firewall is the one sending traffic to the proxy, you have transparent proxying enabled so whatever you configure on the machine will not solve the issue. this fact is quite uncertain given the above information.

at this point, a local wiresherk would be a great way to figure heads and tails out of this mess : either your machine send GET http://whatever.tld/path to the proxy server, and the issue is host-related, or the machine sends GET /path to whatever.com, and the issue is network related
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
HCSHAWAuthor Commented:
Ok, I will give that a try.
0
skullnobrainsCommented:
you don't have to accept answers when you did not get one. feel free to post the actual answer if you figure it out, and feel free to ask more questions in this thread.
0
HCSHAWAuthor Commented:
I went on an all out investigation into our network settings.   There was a lot of clean up that needed to happen, but nothing that would have caused the behavior I experienced.
Some areas that were reviewed and cleaned up
1) DNS
entries that were stale were removed.
DNS for the proxy was confirmed as correct.
2) DHCP
cleaned up and validated the settings it was handing out
3) Dans Guardian
Cleaned up some old stale settings.  Still nothing that would cause the issue.
4) Router
Reviewed all rules and cleaned up.
Again, nothing to explain the behavior
5) My PC
Reviewed all network settings and they are correct.

At this point it is working correctly, so whatever it was probably cannot be traced now.

Again, thanks for the help.
0
skullnobrainsCommented:
too bad it cannot be traced any more but good to see you worked it out somehow.

best regards

---

ps regarding EE :

although it is always welcome to reward the effort of those who tried to be helpful, it is perfectly legit to accept your own answer (and get point refunded) if you are the one to figure things out in the end, or accept your own answer and award points to others as assisted answers, or even ask for the question to be deleted.

the main point to consider when making the decision is which information (if any) might be useful to another reader with a similar problem (assuming that the reader does exist even if your problem is highly specific)

note that the above reflects my personal opinion, and are not official guidelines of the forum (which are published somewhere on the site)
0
HCSHAWAuthor Commented:
Thanks for your comments on awarding points.  Although this is not a complete answer, it is one that does explore how to step through trouble shooting it.  Although  I didn't find the exact  answer, I did find a way to research it and find out what it wasn't , and I walk away a little smarter. Thus the reason for the points awarded.  ; )
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.