+ Post New Thread
Page 2 of 2 FirstFirst 12
Results 16 to 25 of 25
Internet Related/Filtering/Firewall Thread, WPAD + DNS + APPLE = ??? in Technical; Originally Posted by CHR1S Its the last day of term, im gonna need the big picture version today!! lol. Rather ...
  1. #16


    Join Date
    Jan 2006
    Posts
    8,202
    Thank Post
    442
    Thanked 1,032 Times in 812 Posts
    Rep Power
    339
    Quote Originally Posted by CHR1S View Post
    Its the last day of term, im gonna need the big picture version today!!
    lol. Rather than have two files - you create a symbolic link so that if one file is edited so is the other!

    example
    Code:
    ln -s wpad.dat wpad.dat?

  2. Thanks to CyberNerd from:

    CHR1S (21st December 2012)

  3. #17

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,489
    Thank Post
    1,575
    Thanked 479 Times in 302 Posts
    Rep Power
    215
    Quote Originally Posted by Michael View Post
    I know, but as far as I'm aware Apple doesn't support it via the DNS method. Alternatively in an ideal world a transparent proxy would resolve these sort of issues.
    That was my thinking.

    The transparent proxy is where im heading, just wanted this as a stop gap. Works great for laptops etc tho.

  4. #18

    Michael's Avatar
    Join Date
    Dec 2005
    Location
    Birmingham
    Posts
    9,262
    Thank Post
    242
    Thanked 1,568 Times in 1,250 Posts
    Rep Power
    340
    Quote Originally Posted by CHR1S View Post
    That was my thinking.

    The transparent proxy is where im heading, just wanted this as a stop gap. Works great for laptops etc tho.
    I've mentioned or hinted to Link2ICT/BGfL about a transparent proxy numerous times... Maybe I need to shout louder lol

  5. Thanks to Michael from:

    CHR1S (21st December 2012)

  6. #19
    Jon_boy1984's Avatar
    Join Date
    Oct 2007
    Location
    Worcestershire
    Posts
    60
    Thank Post
    10
    Thanked 15 Times in 15 Posts
    Rep Power
    37
    There is a registry entry on Server 2008+ that blocks DNS querys for wpad. Look on your server for the follow:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\DNS\Parameters\GlobalQueryBlockList

    Remove wpad entry.

    Not saying this will work, but it might help.

    Jon

  7. Thanks to Jon_boy1984 from:

    CHR1S (21st December 2012)

  8. #20

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,489
    Thank Post
    1,575
    Thanked 479 Times in 302 Posts
    Rep Power
    215
    Quote Originally Posted by Michael View Post
    I've mentioned or hinted to Link2ICT/BGfL about a transparent proxy numerous times... Maybe I need to shout louder lol
    Got a call open with them


    Quote Originally Posted by Jon_boy1984 View Post
    There is a registry entry on Server 2008+ that blocks DNS querys for wpad. Look on your server for the follow:

    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\DNS\Parameters\GlobalQueryBlockList

    Remove wpad entry.
    Already done mate, thanks tho

  9. #21
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25
    Hey Chr1s - we have got a transparent proxy setup here if you wanted to pop over and see it in the New Year.

    One SID setup on our wireless specifically for BYOD which takes you to a separate DHCP server on an internal VLAN with a transparent proxy that then points to the BGfL proxy.

    No need for BGfL to need to do anything and none of the devices can see anything of the rest of the network.

    We have then setup a section of our VLE where students can register the MAC address of their device which gets entered into a radius server for authentication onto the SID. No need for intervention from us for them to gain connectivity, but secure.

    We went down this route because it also works with older Android and Kindle devices that do not support proxies at all.

  10. Thanks to limbo from:

    CHR1S (21st December 2012)

  11. #22

    CHR1S's Avatar
    Join Date
    Feb 2006
    Location
    Birmingham
    Posts
    4,489
    Thank Post
    1,575
    Thanked 479 Times in 302 Posts
    Rep Power
    215
    @limbo - Might have to do that, thanks!

    What is the setup of the transparent proxy?

  12. #23
    limbo's Avatar
    Join Date
    Aug 2005
    Location
    Birmingham
    Posts
    460
    Thank Post
    2
    Thanked 41 Times in 36 Posts
    Rep Power
    25
    It is a squid box, relatively standard setup - the majority of the work is done by the wireless network, the DHCP server, the radius box and the switches to route everything in the right way.

  13. Thanks to limbo from:

    CHR1S (21st December 2012)

  14. #24
    Duke5A's Avatar
    Join Date
    Jul 2010
    Posts
    795
    Thank Post
    81
    Thanked 130 Times in 113 Posts
    Blog Entries
    8
    Rep Power
    31
    Quote Originally Posted by limbo View Post
    It is a squid box, relatively standard setup - the majority of the work is done by the wireless network, the DHCP server, the radius box and the switches to route everything in the right way.
    How did you overcome HTTPS issues with Squid running in transparent mode? For mine I setup a splash portal in Squid and forced people to click an acceptance button on the TOS page before it would pass HTTP requests. After clicking the acceptance button directions are listed for using the proxy.pac file. If users bother to read through it and set it up they'll get functional HTTPS, if not, they're stuck with HTTP.

  15. #25
    grant_girdwood's Avatar
    Join Date
    Jun 2012
    Location
    Bloxx HQ
    Posts
    54
    Thank Post
    2
    Thanked 11 Times in 10 Posts
    Rep Power
    6
    Check your windows DNS server - as a security issue a WPAD entry in DNS was blocked by microsoft however there is a work around provided by MS

SHARE:
+ Post New Thread
Page 2 of 2 FirstFirst 12

Similar Threads

  1. WPAD.DAT with IIS and DNS
    By PatRamsden in forum Wired Networks
    Replies: 24
    Last Post: 3rd December 2013, 11:14 AM
  2. apples iwipe
    By russdev in forum Jokes/Interweb Things
    Replies: 3
    Last Post: 20th November 2005, 07:08 PM
  3. Network Specialist (E-mail and DNS)- Bristol Uni
    By tosca925 in forum Educational IT Jobs
    Replies: 7
    Last Post: 11th November 2005, 01:15 PM
  4. DNS problem?
    By kingswood in forum Wireless Networks
    Replies: 9
    Last Post: 31st August 2005, 03:52 PM

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •