Re: auto discovery not working
- From: "Phillip Windell" <philwindell@xxxxxxxxxxx>
- Date: Mon, 3 Aug 2009 10:19:23 -0500
I've had the same opinion of the articles back when I was sorting mine out.
I know of no "how to" written by anyone. But without getting into the WU
thing again, I can list the specs of how I did mine for autodetection (with
screen shots).
Do them in this order....
First,...DNS
Create a CNAME called "wpad" Keep it lower case, there are some things that
may be sensitive to that,..I don't remember where, so just leave if lower
case and don't worry about it. Point the CNAME at the "A" Record of your
ISA Server.
Second,....DHCP
Go to the Server Options. Create a "252" option and call it "wpad". Give
is a string value to the wpad.dat file with a URL based on the CNAME and the
AD Domain Name. This will be on port 80 (unlike what some of those
articles might say),...so there is no reason to include the Port# in the URL
(unlike what some of those articles might say, again). So it might look
like this: http://wpad.ad-domain.loc/wpad.dat
Then in the ISA MMC go to the properties of the Internal Network Definition.
Configure it based on these screenshots:
http://support.wandtv.com/ISA/proxyautodetection1.jpg
http://support.wandtv.com/ISA/proxyautodetection2.jpg
http://support.wandtv.com/ISA/proxyautodetection3.jpg
At this point you should be able to open a browser on any machine and try to
go to the "wpad" URL (http://wpad.ad-domain.loc/wpad.dat) according to how
you spelled it in the DHCP Option. It should prompt you to save or open the
file. Tell it open and you should see the content of the wpad.dat
file,...then change the file on the end of the URL to wspad.dat
(http://wpad.ad-domain.loc/wspad.dat),...it should do the same thing with
the contents of that file. No there is no DNS or DHCP entry to cover the
wspad.dat URL,...the system is smart enough on its own to know how to handle
that.
Install the Firewall Client on the machines. The FWC will automatically
push the settings to the browser and will keep the browser configured,...if
someone changes the brower's setting the FWC will (should) force the setting
back on the next refresh cycle (I think about 30 minutes).
If the machine does not have the FWC then just enable the first checkbox in
the proxy settings for "Automatically Detect Settings. You can also enable
the second checkbox for "Use Configuration Script" and then enter the
following addresses based on the name of your proxy
(http://your-proxy:8080/array.dll?Get.Routing.Script) . Notice that this is
not the wpad URL and that it is not on 80,...it is on 8080. However I
believe the wpad URL would work there if you used it. But anyway, you may
be fine without that and just enable the first checkbox for "Automatically
Detect Settings".
--
Phillip Windell
The views expressed, are my own and not those of my employer, or Microsoft,
or anyone else associated with me, including my cats.
-----------------------------------------------------
Technet Library
ISA2004
http://technet.microsoft.com/en-us/library/cc302436(TechNet.10).aspx
ISA2006
http://technet.microsoft.com/en-us/library/bb898433(TechNet.10).aspx
Understanding the ISA 2004 Access Rule Processing
http://www.isaserver.org/articles/ISA2004_AccessRules.html
Troubleshooting Client Authentication on Access Rules in ISA Server 2004
http://download.microsoft.com/download/9/1/8/918ed2d3-71d0-40ed-8e6d-fd6eeb6cfa07/ts_rules.doc
Microsoft Internet Security & Acceleration Server: Partners
http://www.microsoft.com/isaserver/partners/default.mspx
Microsoft ISA Server Partners: Partner Hardware Solutions
http://www.microsoft.com/forefront/edgesecurity/partners/hardwarepartners.mspx
-----------------------------------------------------
"aviator" <aviator@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:5E11FC77-50C6-42F6-A789-F9294438EA19@xxxxxxxxxxxxxxxx
"Jens Baier" wrote:
Hi,
I installed a firewall client on a fresh installed Xp workstation
try to connect to the isa with auto det, but no result (manually, no
problem)
have a look at the following links and compare this with your settings:
http://support.microsoft.com/kb/309814
http://support.microsoft.com/kb/838122
http://technet.microsoft.com/en-us/library/cc713344.aspx
--
Gruss Jens
www.it-training-grote.de
www.forefront-tmg.de
https://mvp.support.microsoft.com/profile/Marc.Grote
http://blog.it-training-grote.de
The auto discovery part of ISA server was something which I never did
manage
to egt working. hence my recent problem with windows update and having to
use
proxycfg -p not -d.
The 3 articles above don't help in setting up auto discovery as they are
full of inconsistencies or simply wrong.
Is there a definitive "this is how to set up auto discovery" which someone
has actually used and found to work?
A
.
- Follow-Ups:
- Re: auto discovery not working
- From: aviator
- Re: auto discovery not working
- References:
- Re: auto discovery not working
- From: aviator
- Re: auto discovery not working
- Prev by Date: Re: auto discovery not working
- Next by Date: Re: auto discovery not working
- Previous by thread: Re: auto discovery not working
- Next by thread: Re: auto discovery not working
- Index(es):
Relevant Pages
|
