Re: [squid-users] XP IE 6.x Machines Ignoring Proxy - Squid 2.5.14

From: <eric.watters@dont-contact.us>
Date: Thu, 27 Jul 2006 12:45:33 -0400

It works fine if we manually configure the location of the PAC file in the
browser. However, our end users (about 2000 of them) won't go for having
to uncheck that option if we push it out by GPO. I hadn't had any luck
googling the symptoms so I was hoping somebody on the list may have
experienced this issue. We never noticed it before because we hadn't been
locking down the firewalls very tight. So when we started forcing people
through the proxy we didn't realize the issue because they would just go
out direct to the web if they didn't go to the proxy. With the Default
Deny, if they initate any traffic to any Non-RFC 1918 space the traffic is
dropped. So that is when we noticed the issue. Thoughts ?

Regards,

Eric Watters
Network Engineer
PRG Schultz
Desk: 770.779.3318
Cell: 404.247.0646

eric.watters@prgx.com
07/25/2006 02:03 PM

To
squid-users@squid-cache.org
cc

Subject
[squid-users] XP IE 6.x Machines Ignoring Proxy - Squid 2.5.14

Hello All........I have been rolling out a "Default Deny" policy on all my

remotely connected VPN Sites. This policy drops all non RFC-1918 IP
space at the remote locations firewall. We are auto-detecting via Group
Policy. The endusers have no problem resolving wpad EVER. They can ping
wpad all the time. However, half the time these users are going directly
to the web instead of the proxy. Consequently, unless I allow outbound
http and https access on the remote firewalls access-list applied to the
internal interface (remote LAN facing), I get inconsistent web access.
"Page Cannot Be Displayed" a LOT of the time. This happens EVERYWHERE
meaning all the remote locations I have made the firewall change. I will
locate a user experiencing this issue and will debug on the remote
firewall for their web traffic. What I see is that for a few seconds the
end user makes calls to the Virtual Address on the Load Balancers at our
corporate office (as designed) and then suddenly see a flurry of traffic
trying to access the Public IP's of say........hotmail.com or yahoo.com. I

am stumped and have no idea why this is happening.

Regards,

Eric Watters
Network Engineer
PRG Schultz
Desk: 770.779.3318
Cell: 404.247.0646
Received on Thu Jul 27 2006 - 10:45:46 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Aug 01 2006 - 12:00:02 MDT