RE: Proxy server configurations

2008-03-12 Thread Edwards, David 
Thanks, Ken and Ben. I will review the links. I actually do have wpad
setup in DNS and I believe I have the redirect configured also. I guess
I need to understand how the browser should be configured. Currently we
have GP push to check Automatically detect settings and Use automatic
configuration script which points to our pac file. I will review these
links and see if I can get it working the way I want. 
  
Regards, 
Dave

-Original Message-
From: Ken Schaefer [mailto:[EMAIL PROTECTED] 
Sent: Monday, March 10, 2008 8:11 PM
To: NT System Admin Issues
Subject: RE: Proxy server configurations

Hi,

In addition to Ben's comments:

a) you can just rename your .pac file to .wpad without need to configure
any redirects in IIS (at least for IE clients)

b) you can either use the DNS option outlined by Ben, or use the DHCP
option (which gives you a bit more flexibility as you can have
arbitrarily named hosts etc)

c) everything else is explained here:
http://en.wikipedia.org/wiki/Wpad
and
http://homepages.tesco.net./~J.deBoynePollard/FGA/web-browser-auto-proxy
-configuration.html

Cheers
Ken

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 11 March 2008 11:51 AM
To: NT System Admin Issues
Subject: Re: Proxy server configurations

On 3/10/08, Edwards, David [EMAIL PROTECTED] wrote:
 We have some issues with traveling users that have to manually
 switch the proxy setting while not connected to the corp network
 and then back again when connecting via VPN or directly. We
 use a .pac file for auto config ...

  You need to implement WPAD (Web Proxy Auto Detection).  Since you
already have your PAC script, you're most of the way there.  WPAD is
basically just a standard that says, Look for a proxy config script
called http://wpad/wpad.dat and use it if you find it.  Then set your
roaming users to do proxy auto-detection, and problem solved.

  So, create a DNS alias (CNAME) called wpad in whatever DNS zone
your LAN hands out as the default parent domain name.  For example, if
your LAN uses corp.example.com, you would want
wpad.corp.example.com.  Make the target of the CNAME whatever the
name of the web server holding your PAC script is.

  Then, on the web server, create a redirection/alias/whatever named
/wpad.dat that points to your PAC script.  For example, on my
network, http://wpad/wpad.dat; ends up redirecting to
http://foogate/proxy.pac;.

  If you're using IIS, I believe what you do is create a Virtual
Directory object called wpad.dat, and set the content to be a
Redirection URL, but I don't use IIS much and I'm not near a Win
server right now.

  Which Apache, you just add Redirect /wpad.dat
http://whereever/proxy.pac; to your config file.

  HTH,

-- Ben


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm  ~



~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm  ~

RE: Proxy server configurations

2008-03-10 Thread Ken Schaefer 
Hi,

In addition to Ben's comments:

a) you can just rename your .pac file to .wpad without need to configure any 
redirects in IIS (at least for IE clients)

b) you can either use the DNS option outlined by Ben, or use the DHCP option 
(which gives you a bit more flexibility as you can have arbitrarily named hosts 
etc)

c) everything else is explained here:
http://en.wikipedia.org/wiki/Wpad
and
http://homepages.tesco.net./~J.deBoynePollard/FGA/web-browser-auto-proxy-configuration.html

Cheers
Ken

-Original Message-
From: Ben Scott [mailto:[EMAIL PROTECTED]
Sent: Tuesday, 11 March 2008 11:51 AM
To: NT System Admin Issues
Subject: Re: Proxy server configurations

On 3/10/08, Edwards, David [EMAIL PROTECTED] wrote:
 We have some issues with traveling users that have to manually
 switch the proxy setting while not connected to the corp network
 and then back again when connecting via VPN or directly. We
 use a .pac file for auto config ...

  You need to implement WPAD (Web Proxy Auto Detection).  Since you
already have your PAC script, you're most of the way there.  WPAD is
basically just a standard that says, Look for a proxy config script
called http://wpad/wpad.dat and use it if you find it.  Then set your
roaming users to do proxy auto-detection, and problem solved.

  So, create a DNS alias (CNAME) called wpad in whatever DNS zone
your LAN hands out as the default parent domain name.  For example, if
your LAN uses corp.example.com, you would want
wpad.corp.example.com.  Make the target of the CNAME whatever the
name of the web server holding your PAC script is.

  Then, on the web server, create a redirection/alias/whatever named
/wpad.dat that points to your PAC script.  For example, on my
network, http://wpad/wpad.dat; ends up redirecting to
http://foogate/proxy.pac;.

  If you're using IIS, I believe what you do is create a Virtual
Directory object called wpad.dat, and set the content to be a
Redirection URL, but I don't use IIS much and I'm not near a Win
server right now.

  Which Apache, you just add Redirect /wpad.dat
http://whereever/proxy.pac; to your config file.

  HTH,

-- Ben


~ Upgrade to Next Generation Antispam/Antivirus with Ninja!~
~ http://www.sunbelt-software.com/SunbeltMessagingNinja.cfm  ~