This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Accessing Astaro using Auto Pac / WPAD

I have just implemented WPAD into our network, browsers are now being assigned the proxy details and can access web pages however im unable to access the astaro admin. When manually configuring the browsers i could add the ip address as an exception and it worked great however it no longer does. Obviously the PAC file is configured incorrectly so i was hoping someone could give me some insight into this. Pac file below:

function FindProxyForURL(url, host) {



// If URL has no dots in host name, send traffic direct.

	if (isPlainHostName(host))

		return "DIRECT";



// If IP address is internal or hostname resolves to internal IP, send direct.



	var resolved_ip = dnsResolve(host);



	if (isInNet(resolved_ip, "10.0.0.0", "255.0.0.0") ||

		isInNet(resolved_ip, "172.16.0.0",  "255.240.0.0") ||

		isInNet(resolved_ip, "192.168.0.0", "255.255.0.0") ||

		isInNet(resolved_ip, "127.0.0.0", "255.255.255.0"))

		return "DIRECT";



// All other traffic uses below proxies, in fail-over order.

	return "PROXY 192.168.y.z:8080; DIRECT";

	

}

Thanks
Chris

This thread was automatically locked due to age.

Parents

0 d00b over 14 years ago

Chris,

You may have to consider the extra dns resolving steps. I've used a script like yours and my internal DNS server couldn't handle all the requests.

A list of the domains that eventually resolve to internal address can reduce the lag.

function FindProxyForURL(url, host) {

// Exception for plain hosts
if ( isPlainHostName(host) ){return "DIRECT";}

// Exception for internal zones
if (   shExpMatch(host, "*.internal.domain")
    || shExpMatch(host, "*.zone.tld")
)
{
 var resolved_ip = dnsResolve(host);
 if (   isInNet(resolved_ip, "10.0.0.0",    "255.0.0.0")
     || isInNet(resolved_ip, "172.16.0.0",  "255.240.0.0")
     || isInNet(resolved_ip, "192.168.0.0", "255.255.0.0")
     || isInNet(resolved_ip, "127.0.0.0",   "255.0.0.0")
     )
     {return "DIRECT";}
}

// Exception based on the src IP
//if (myIpAddress() == "999.999.999.999") {return "DIRECT";}

// Expection based on the proto (need to adjust lenght)
//if (url.substring(0, 6) == "https:") {return "DIRECT";}

if (shExpMatch(url,"passthrough.fw-notify.net*/*")) {return "DIRECT";}

return "PROXY 192.168.1.1:8080";
}

The exception for passthrough.fw-notify.net solved a "save" download problem.

Best regards,
Marcos

Reply

0 d00b over 14 years ago

function FindProxyForURL(url, host) {

// Exception for plain hosts
if ( isPlainHostName(host) ){return "DIRECT";}

// Exception for internal zones
if (   shExpMatch(host, "*.internal.domain")
    || shExpMatch(host, "*.zone.tld")
)
{
 var resolved_ip = dnsResolve(host);
 if (   isInNet(resolved_ip, "10.0.0.0",    "255.0.0.0")
     || isInNet(resolved_ip, "172.16.0.0",  "255.240.0.0")
     || isInNet(resolved_ip, "192.168.0.0", "255.255.0.0")
     || isInNet(resolved_ip, "127.0.0.0",   "255.0.0.0")
     )
     {return "DIRECT";}
}

// Exception based on the src IP
//if (myIpAddress() == "999.999.999.999") {return "DIRECT";}

// Expection based on the proto (need to adjust lenght)
//if (url.substring(0, 6) == "https:") {return "DIRECT";}

if (shExpMatch(url,"passthrough.fw-notify.net*/*")) {return "DIRECT";}

return "PROXY 192.168.1.1:8080";
}

The exception for passthrough.fw-notify.net solved a "save" download problem.

Best regards,
Marcos

Children

No Data