This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

How do I configure laptops to allow internet browsing when off the network using group policy to configure proxy settings?

Sorry, need help again. We REALLY don't want to use the wpad method for configuring our computers with the proxy settings and would FAR rather use Group Policy.

However, how do we go about configuring laptops so that they use the utm proxy when plugged into domain but don't when they are at home or connected to a wireless connection when out and about?



This thread was automatically locked due to age.
Parents
  • One way of doing it would be the auto proxy configuration under web protection > filtering options > misc

    Entering the script in there ensures that clients get the proxy when behind the UTM but don't when they are out and about.

    Have a look on here for "auto proxy configuration" as there are a few bits that you might be interested in.

     

    Slightly off the subject (but still relevant), seeing as you are most likely using this commercially (group policy etc), if you are using Sophos endpoint protection (stand alone) you can actually enforce the same web rules externally to endpoints that you do internally behind the UTM dynamically eg if you block weapons category on the UTM, within minutes it's blocked on all clients regardless of where they are. If they are offline, it's updated when they come back online. It's a good feature that we currently use.

Reply
  • One way of doing it would be the auto proxy configuration under web protection > filtering options > misc

    Entering the script in there ensures that clients get the proxy when behind the UTM but don't when they are out and about.

    Have a look on here for "auto proxy configuration" as there are a few bits that you might be interested in.

     

    Slightly off the subject (but still relevant), seeing as you are most likely using this commercially (group policy etc), if you are using Sophos endpoint protection (stand alone) you can actually enforce the same web rules externally to endpoints that you do internally behind the UTM dynamically eg if you block weapons category on the UTM, within minutes it's blocked on all clients regardless of where they are. If they are offline, it's updated when they come back online. It's a good feature that we currently use.

Children
  • Louis-M said:

    One way of doing it would be the auto proxy configuration under web protection > filtering options > misc

    Entering the script in there ensures that clients get the proxy when behind the UTM but don't when they are out and about.

    Have a look on here for "auto proxy configuration" as there are a few bits that you might be interested in. 

     

    You can use DHCP option 252 to point your office people to the wpad/pac file that is setup on the UTM. Then use a GPO to make sure internet explorer is set to "automatically detect settings". This will carry over to other browsers that are installed on the PC's. This will use that DHCP option to tell the browser how to access the internet. You will need this, just creating the auto proxy config isn't enough (if you're running the proxy in standard mode). 

    When they leave the office, they no longer get DHCP option 252 and the automatically detect settings will let them out their regular internet.