Welcome to ISAserver.org
Forums |
Register |
Login |
My Profile |
Inbox |
RSS 
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
WPAD autoconfig in complex environment - How?
|
Users viewing this topic:
none
|
Logged in as: Guest
|
Login  | |
|
WPAD autoconfig in complex environment - How? - 26.Jul.2007 5:14:13 PM
|
|
|
ITGuy85
Posts: 8
Joined: 23.Jul.2007
Status: offline
|
We are looking at implementing ISA 2006 in a distributed complex environment for outbound proxy access. Typical scenario: Three regions with six ISA servers each, in pairs, at three internet gateway sites. Think North America, South America, and Africa.
There are various branch offices in each region, which only connect throught the internet via their in-region gateways. Some machines have static IPs, others are via DHCP.
We want "auto affinity" proxy configuration, meaning IE will be smart enought to pick the closest in-region ISA proxy box for internet access. We are looking at wpad. I'm aware of DNS and DHCP configurations. Given that some machines will have static IPs, a mixture of DHS and DHCP will be needed.
Now, how does one configure WPAD for "auto affinity" in this scenario? We can't rely on DHCP options entirely, since some machines have static IPs. As I understand it ISA server will create the wpad.dat file, but how can it know what clients should connect to what proxy? I'm not understanding how the DNS wpad option can enable enough intelligence for the branch offices.
|
|
|
|
|
RE: WPAD autoconfig in complex environment - How? - 27.Jul.2007 3:12:18 PM
|
|
|
spouseele
Posts: 12782
Joined: 1.Jun.2001
From: Belgium
Status: offline
|
Hi ITGuy85,
check out http://forums.isaserver.org/m_350016600/mpage_3/key_/tm.htm#2002050021.
BTW --- with DHCP reservations you can avoid the use of static IP configs on internal hosts.
HTH,
Stefaan
< Message edited by spouseele -- 27.Jul.2007 3:15:26 PM >
|
|
|
|
|
RE: WPAD autoconfig in complex environment - How? - 21.Aug.2007 2:15:28 PM
|
|
|
4242jpg
Posts: 12
Joined: 21.Aug.2007
Status: offline
|
In your DNS you create cname wpad that aims at your firewall.
In the Firewall you publish port 80 and you create a file wpad.dat with the contained:
function FindProxyForURL(url,host)
{ if(isPlainHostName(host)||
isInNet(host,"192.168.1.0","255.255.255.0")) return "DIRECT";
else return "PROXY 192.168.1.X:8080; DIRECT";
}
|
|
|
|
 New Messages |
 No New Messages |
 Hot Topic w/ New Messages |
 Hot Topic w/o New Messages |
 Locked w/ New Messages |
 Locked w/o New Messages |
|
 Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|
Printable Version
