We help IT Professionals succeed at work.

How to use PAC file to configure browser to use proxy server when inside work network, but use autodetect when connected anywhere else

929 Views
Last Modified: 2014-11-30
I would like our Laptop users to point to our Proxy server when they are connected inside any of the branch offices in our network. I would also like the browsers to use AutoDetect settings when connected anywhere else (eg when they are at home).

Is this possible with a PAC file?
Comment
Watch Question

Bud DurlandDirector of IT
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I would prefer not to use DHCP to deploy the WPAD.
Our branch office DHCP scopes are managed on the router at each site by our ISP. For the ISP to add the appropriate scope setting in DHCP, it will cost thousands of dollars in project management & will take 3 months for them to implement.  

Is that the only way to achieve what I am looking to do?
Bud DurlandDirector of IT
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks for that. Do you know where I can get an example of a wpad file?

I want to add the list of subnets for our branch offices (for which to use the Proxy server)
and I would like it to treat any other network as direct internet access.

Author

Commented:
I ended up going with a PAC file.
I have hosted on a web server, created the PAC CNAME ref in AD and it is pointing to the IIS host.
URL is http://pac/proxy.pac
I also added the MIME setting for .pac

If I enter the file path into a browser, the PAC file is presented and I can open it if I like. I would assume this would mean the URL path is fine. However if I then type that address into the "Use Auto Config Script" section in the IE Internet options, and try browse a page, it just times out.

There are no events generated on the web host.

I cannot test the PAC file locally as I am running IE11 & apparently it no longer supports local paths for PAC files.

Author

Commented:
I am guessing I am missing something from my PAC file. As it never seems to apply. I have tested it on a PC running IE7 (where apparently you can still run it from a local path), but nothing still.

I can manually enter the proxy server IP & port into the proxy settings in IE & it works, but just not when I point the auto config script to the pac file.

My basic test pac file is as follows ( I X'd out the IP details for privacy):

function FindProxyForURL(url, host)
{
if (isInNet(myIpAddress(), “XXX.XXX.XXX.XXX”, “255.255.255.0”))
      return “PROXY XXX.XXX.XXX.XXX:XXXX";
else
      return “DIRECT”;
}


There are approx 15 subnets where I want users to point to the proxy. But lets just start with 1 subnet where the test machine is.

If the user is not in one of the subnets, then they need direct access.
Currently the page times out with the pac file in place.
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
Thanks for that, as you mentioned, I only want users to point to the proxy server in the office.
So if the pac file location was hosted on an internal resource, and I add the auto config file path, it should use it in the office, but it will ignore it at home and use auto detect? (just making sure the users don't have to make the changes themselves when in & out of the office).
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
I don't have Auto detect ticked. Never did.

I just want for PC's to point to our proxy server when in the office & to have direct internet access anywhere else.

My understanding is that this is achieved through either a Proxy.pac or WPAD.dat file and entering the path into the "auto config script" section in the browsers LAN settings.

If this is not right, please tell me otherwise. I'm not saying that I need to use Proxy.pac or WPAD, but this is what I was advised was the most practical solution.
 
If this is right, then it brings us to problem 2 (But lets ignore everything said above for now. I just want the browser to detect the pac or wpad file first)

Neither file works when the path is entered into the browsers auto config script (when in the office). It appears as if the browser ignores the details in the script & the browser eventually fails to load anything. However if I navigate to the path with Windows Explorer, I am prompted to either open or save the file (which I assume means the path is correct). In older browsers, instead of opening the file, it displays the script text in the browser.

I have tested hosting the file locally on the client device, on a web server & in a UNC share. All fail to detect the file. I have since discovered that since IE10, you cannot use local paths anymore.

I read somewhere that the file needs to be saved as a ANSI file type, but this doesn't seem to change anything. I am out of ideas. Perhaps there is a role or feature that I am missing off the web host or off the client?
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Author

Commented:
The file associations were in place already
CERTIFIED EXPERT
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.