Wpad/Pac file - not picking up VPN network subnet

This forum is for general conversation and user-user networking.
Post Reply
Kyzen79
OpenVpn Newbie
Posts: 1
Joined: Wed Jan 13, 2021 7:15 pm

Wpad/Pac file - not picking up VPN network subnet

Post by Kyzen79 » Wed Jan 13, 2021 7:47 pm

Hi guys,

I have a slight issue here. We are putting in Watchguard firewalls and unfortunately our environment uses Wpad/Pac files. On the internal LAN and various sites, everything is working fine. However, when using the Watchguard VPN to test the pac file, it is as though the line for the VPN network is being omitted and instead the default rule is applied.

I have setup a web server locally on my machine and pointed the Proxy to http://localhost/wpad.dat for testing. When using the checkpoint VPN, the below works fine using the checkpoint network (i've commented it below). The Watchguard VPN, using the OpenVPN application and I am wondering whether there is somethign in the syntax it doesn't like? I have read that the 'myIpAddress' function is a hit or miss. I've tried putting curly brackets, no brackets, you name it. When using the Watchguard VPN, instead of breaking out directly like the rule says below, it skips that line and goes right to the proxy at the bottom line. Any ideas on whether I should change the syntax? Or write it differently?

function FindProxyForURL(url, host) {
//url = url.toLowerCase();
//host = host.toLowerCase();

// If the hostname matches, send direct.
if (dnsDomainIs(host, ".contoso.com") ||
shExpMatch(host, "(*.contoso.com|contoso.local)"))
return "DIRECT";


// If the requested website is hosted within the internal network, send direct.

if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "10.0.0.0", "255.0.0.0") ||
isInNet(dnsResolve(host), "172.16.0.0", "255.240.0.0") ||
isInNet(dnsResolve(host), "192.168.0.0", "255.255.0.0") ||
isInNet(dnsResolve(host), "173.37.0.0", "255.255.0.0") ||
isInNet(dnsResolve(host), "127.0.0.0", "255.255.255.0"))
return "DIRECT";


// Checkpoint VPN
if (isInNet(myIpAddress(), "192.168.50.0","255.255.254.0"))
return "DIRECT";

//Watchguard VPN

if (isInNet(myIpAddress(), "10.201.50.0","255.255.254.0"))
return "DIRECT";

return "PROXY 10.202.1.1:3128; DIRECT";
}

Thanks a lot for helping
Kyzen

Post Reply