• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

WPAD autoconfig in complex environment - How?

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> General >> WPAD autoconfig in complex environment - How? Page: [1]
Login
Message << Older Topic   Newer Topic >>
WPAD autoconfig in complex environment - How? - 26.Jul.2007 5:14:13 PM   
ITGuy85

 

Posts: 8
Joined: 23.Jul.2007
Status: offline
We are looking at implementing ISA 2006 in a distributed complex environment for outbound proxy access. Typical scenario: Three regions with six ISA servers each, in pairs, at three internet gateway sites. Think North America, South America, and Africa.

There are various branch offices in each region, which only connect throught the internet via their in-region gateways. Some machines have static IPs, others are via DHCP.

We want "auto affinity" proxy configuration, meaning IE will be smart enought to pick the closest in-region ISA proxy box for internet access. We are looking at wpad. I'm aware of DNS and DHCP configurations. Given that some machines will have static IPs, a mixture of DHS and DHCP will be needed.

Now, how does one configure WPAD for "auto affinity" in this scenario? We can't rely on DHCP options entirely, since some machines have static IPs. As I understand it ISA server will create the wpad.dat file, but how can it know what clients should connect to what proxy? I'm not understanding how the DNS wpad option can enable enough intelligence for the branch offices.
Post #: 1
RE: WPAD autoconfig in complex environment - How? - 27.Jul.2007 3:12:18 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi ITGuy85,

check out http://forums.isaserver.org/m_350016600/mpage_3/key_/tm.htm#2002050021.

BTW --- with DHCP reservations you can avoid the use of static IP configs on internal hosts.

HTH,
Stefaan

< Message edited by spouseele -- 27.Jul.2007 3:15:26 PM >

(in reply to ITGuy85)
Post #: 2
RE: WPAD autoconfig in complex environment - How? - 21.Aug.2007 2:15:28 PM   
4242jpg

 

Posts: 12
Joined: 21.Aug.2007
Status: offline
In your DNS you create cname wpad that aims at your firewall.

In the Firewall you publish port 80 and you create a file wpad.dat with the contained: 
function FindProxyForURL(url,host)
{ if(isPlainHostName(host)||
   isInNet(host,"192.168.1.0","255.255.255.0")) return "DIRECT";
else return "PROXY 192.168.1.X:8080; DIRECT";
}

(in reply to ITGuy85)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> General >> WPAD autoconfig in complex environment - How? Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts