1

This is kinda a Part two from here.

When clients VPN into my network they get assigned an Ip address which in turn gives them the 252 option from the DHCP. The auto detect then grabs this file

What I need essentially is a way for the proxy.pac to figure out if a client is on a VPN connection so that it can resolve a DIRECT for them.

So if I do a simple var myIp = myipAddress() and then just have it match it from a list of these fixed addresses then it would be solved. However the myIpAddress() function seems to be picking up the local Ip to the machine (eg: 192.168.10.1) and not the network adapter. In my case that local address is my MS Loopback which is needed for some of my local VMs. If I disable my Loopback adapter it starts resolving the correct address. This is not an ideal workaround.

So how do I go about resolving the Ip address I want from the correct adapter?

  • I have been conducting this testing from my local machine for now.
  • I am aware that it is not a closed VPN solution, it is just what has been decided at the moment.

Thanks in advance...

Community
  • 1
Qwerty
  • 1,504
  • 2
  • 15
  • 24

3 Answers3

3

It is possible to redirect the wpad.dat to wpad.aspx and find the ip address with ASP:

<%
Dim strClientIP As String
strClientIP = Request.UserHostAddress()
%>

function FindProxyForURL(url, host)
{
    //proxy definition
    var UseProxy = "PROXY x.x.x.x:8080"

    if (isPlainHostName(host)) {return "DIRECT"; }

    if (isInNet("<%Response.Write(strClientIP)%>", "x.x.1.0", "255.255.255.0"))
        return UseProxy;
    else
        return "DIRECT";
}
leszek.hanusz
  • 131
  • 2
3

Unfortunately, getting myIpAddress() to return the correct address in Windows does involve changing the priority of the NICs (in Windows XP this is in the "Advanced Settings..." dialog of the "Advanced" menu of the "Network Connections" dialog).

Here's someone else's problem that looks like what you're seeing: http://www.geurtsrus.com/gerke/2005/01/proxy-auto-configuration-blues.html

You might do better to detect the IP address that need proxying, rather than the ones that don't (i.e. local subnets in the company) and assume DIRECT otherwise.

Another alternative would be to pass a different PAC DHCP option to clients on the VPN. That might be easy if your VPN users are coming out of a dedicated subnet, but it might not be if they're coming out of a LAN subnet.

Evan Anderson
  • 141,071
  • 19
  • 191
  • 328
0

What browser are you using? Mozilla based browsers had problems with this, but they could not easily be solved because the function call was originally defined assuming a system was single-homed (which is completely false unless you are disconnected from the physical network, and running only on loopback).

benc
  • 663
  • 1
  • 5
  • 13