Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

XP SP3 DHCP WPAD

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> XP SP3 DHCP WPAD Page: [1]
Login
Message << Older Topic   Newer Topic >>
XP SP3 DHCP WPAD - 20.May2008 3:41:39 PM   
rkasbohm

 

Posts: 1
Joined: 20.May2008
Status: offline 		Our WPAD in our DHCP is no longer working on computers upgrade to XP SP3.  Any ideas or having the same problems?
Post #: 1
RE: XP SP3 DHCP WPAD - 22.May2008 1:29:10 PM   
pfitchie

 

Posts: 13
Joined: 18.Apr.2005
Status: offline
Hey rkasbohm,
 
I have been battling this same problem for the last few hours and have found a resolution.  My environment was as follows:
 
 
After SP3 the client machines would no longer get DHCP Option 252.  After a packet sniff I was able to determine that IE/SP3 was only looking for http://wpad.my.domain/wpad.dat and not the address laided out in DHCP.
 
First however the reason why it is happening as far as I can tell.
 
The behavior for "Automatically Detect Settings" when the XP SP3 box is a domain member with a dns suffix appears to only allow IE to look for wpad.my.activedir.domain and no longer retreive this information from DHCP if available.  Also noticed that if the "Automatically Detect Settings" option is pushed via GPO it will not actually be checked if no wpad.my.activedir.domain exists.  I may be wrong on this and someone further down the road may answer this better or have an answer to get it to work as previously configured.
 
How I fixed it:
  1. Create a DNS (A) Record in your AD DNS Name space called WPAD and pointing to the ip address of the server you previous used to hand out the PAC file.
  2. On the server you created the DNS record for make sure wpad.dat is in the root document folder of the web server.  In my case I had to rename my PAC file from proxy.js to wpad.dat
And that appears to be it.  Now of course if your GPO was pushing a seperate PAC file to different machines then this solution only allows 1 wpad.dat file however you can use the javascript functions with in that file to do checking based on subnet which is what I do to return a different proxy for each physical site.
 

Patrick

(in reply to rkasbohm)
Post #: 2
RE: XP SP3 DHCP WPAD - 2.Jun.2008 3:32:27 AM   
HePa

 

Posts: 135
Joined: 9.May2008
From: Sweden, Gothenburg
Status: offline 		I would recomend to use DHCP and DNS when using WPAD!
Clients will first try to apply the WPAD settings from DHCP, where from the client get the IP address, gateway, DNS servers, WINS server etc. If the client somehow don't get options from DHCP, having a static IP-adress configured, he then use DNS to query WPAD.

_____________________________

HePa

(in reply to pfitchie)
Post #: 3
RE: XP SP3 DHCP WPAD - 2.Jun.2008 10:56:27 AM   
pwindell

 

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline 		You don't create a new A-Record in DNS for wpad,....

You create a CNAME called "wpad" and point it at the existing A-Record for the ISA.

ISA Server: Troubleshooting Automatic Detection
http://technet.microsoft.com/en-us/library/cc302643.aspx
http://www.microsoft.com/technet/isa/2004/ts_wpad.mspx

_____________________________

Phillip Windell
www.wandtv.com

(in reply to rkasbohm)
Post #: 4
RE: XP SP3 DHCP WPAD - 2.Jun.2008 1:28:54 PM   
HePa

 

Posts: 135
Joined: 9.May2008
From: Sweden, Gothenburg
Status: offline
quote:

ORIGINAL: pwindell

You don't create a new A-Record in DNS for wpad,....

You create a CNAME called "wpad" and point it at the existing A-Record for the ISA.

ISA Server: Troubleshooting Automatic Detection
http://technet.microsoft.com/en-us/library/cc302643.aspx
http://www.microsoft.com/technet/isa/2004/ts_wpad.mspx


A CNAME ofcourse, missed to mention that. Thanks for filling in!


_____________________________

HePa

(in reply to pwindell)
Post #: 5
RE: XP SP3 DHCP WPAD - 2.Jun.2008 2:12:09 PM   
pwindell

 

Posts: 782
Joined: 12.Apr.2004
From: Taylorville, IL
Status: offline 		I'm sure it works either way, but the CNAME just seems to be a "cleaner" DNS configuration to me.  :-)


_____________________________

Phillip Windell
www.wandtv.com

(in reply to HePa)
Post #: 6
RE: XP SP3 DHCP WPAD - 2.Jun.2008 2:47:33 PM   
HePa

 

Posts: 135
Joined: 9.May2008
From: Sweden, Gothenburg
Status: offline 		Yes it should but in all the articles and best practices they refere to a CNAME so it's good to point that out=)!

_____________________________

HePa

(in reply to pwindell)
Post #: 7
RE: XP SP3 DHCP WPAD - 3.Jun.2008 8:55:08 AM   
HePa

 

Posts: 135
Joined: 9.May2008
From: Sweden, Gothenburg
Status: offline
quote:

ORIGINAL: HePa

Yes it should but in all the articles and best practices they refere to a CNAME so it's good to point that out=)!

and why they do that is because the A record is registerd by the ISA server, or manually created to point to the ISA server (if the DNS don't handle dynamic updates). The CNAME is there after created for WPAD and pointed to the A record....well thats the actual explanation. I noticed that the above comment wasn't that nice so I added some information

_____________________________

HePa

(in reply to HePa)
Post #: 8
RE: XP SP3 DHCP WPAD - 21.Aug.2008 4:30:26 PM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline
quote:

ORIGINAL: HePa

Yes it should but in all the articles and best practices they refere to a CNAME so it's good to point that out=)!


Actually, an A record is cleaner and you don't have to worry about compications related to CNAME "stacking"

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to HePa)
Post #: 9
RE: XP SP3 DHCP WPAD - 21.Aug.2008 6:52:41 PM   
Jason Jones

 

Posts: 2137
Joined: 30.Jul.2002
From: United Kingdom
Status: offline 		Interesting...

_____________________________

Jason Jones (MVP)

Silversands Limited http://www.silversands.co.uk
My Blog: http://blog.msfirewall.org.uk/

Get our NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to tshinder)
Post #: 10
RE: XP SP3 DHCP WPAD - 22.Aug.2008 9:32:13 AM   
tshinder

 

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline 		Hi Jason,

Don't you remember years ago when people were having problems with CNAME record stacking and wpad failures?

I know if you don't stack them, you won't run into problems, and CNAME is just a management convenience, but if you don't plan on changing the IP addresses of your A record for the ISA firewall, then CNAME isn't really required.

Tom

_____________________________

Thomas W Shinder, M.D.
Sr. Consultant/Technical Writer
Prowess Consulting http://www.prowessconsulting.com/
Blog: http://blogs.isaserver.org/shinder/

GET THE NEW ISA 2006 Book!: http://tinyurl.com/2gpoo8

(in reply to Jason Jones)
Post #: 11

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 Firewall] >> Firewall Client >> XP SP3 DHCP WPAD Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts