Hello all,
1. Current UTM version: 9.309-3
2. Among other Web Filter profiles, I have a "Standard - ADSSO" profile that I am testing with a few specific internal hosts.
3. I have already successfully configured WPAD/DNS to work, but currently I have it "disabled" (by DNS global block) and have test host's browser manually configured with "use automatic configuration script".
When my PAC reads:
function FindProxyForURL(url, host)
{
if (isInNet(dnsResolve(host), "ext subnet IP", "255.255.255.240"))
return "DIRECT";
return "PROXY utmname.domain.local:8080; DIRECT";
}
internet browsing behaves as expected and Web Filtering log correctly displays logged in AD User and Domain. But I am not able to access WebAdmin from same host, regardless of name/IP.
If I change my PAC file to:
function FindProxyForURL(url, host)
{
if (isInNet(dnsResolve(host), "ext subnet IP", "255.255.255.240") ||
if (localHostOrDomainIs(host, "utmfqdn"))
return "DIRECT";
return "PROXY rimanc.rim-cloud.local:8080; DIRECT";
}
I can access UTM, but internet browsing does not behave as expected and logs show null username and null domain and also indicates that the Web Filter profile was skipped and instead using the default Web Filter.
I have also tried:
if (isInNet(dnsResolve(host), "int IP of utm:4444", "255.255.255.0"))
if (isInNet(dnsResolve(host), "int IP of utm", "255.255.255.0"))
changed both of the above's last netmask octet to 255
and tried both internal and external names.
I obviously do not speak "Java".
Am I barking up the wrong tree, or do I have my PAC syntax all wrong? What I am trying to achieve is to be able to access the WebAdmin GUI when Standard-ADSSO is being applied to all other "non-excluded" sites.
WebAdmin port is still 4444, and HTTP Proxy is included in the "Allowed target services".
Truly thankful,
Tony
This thread was automatically locked due to age.
