02-03-2017 01:20 AM
Hi all,
Currently facing following issue:
We deploy a new setup with a pair of WSA S390.
We have proxy autodiscovery enabled in our webbrowsers.
The WSA's are serving the default.pac to the clients.
In DHCP, we provide the http://<proxy-ip>/default.pac
In DNS, the WPAD entry contains the <proxy-ip>
Unfortunately, it seems impossible to host the wpad.dat on the WSA starting from version 10.x. The error message 'Invalid PAC format' appears...
So, clients falling back to DNS for WPAD (such as firefox), are unable to autodiscover the proxy settings.
According Cisco TAC, this is known behavior and pointed my atention to following case:
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuh64055/?reffering_site=dumpcr
Is any of you aware of this limitation?
Do you know any workarounds?
Thanks.
02-03-2017 06:58 AM
I believe this is the workaround:
WPAD Not Working With Firefox
Firefox browsers may not support DHCP lookup with WPAD. For current information, see
https://bugzilla.mozilla.org/show_bug.cgi?id=356831.
To use Firefox (or any other browser that does not support DHCP) with WPAD when the PAC file is
hosted on the Web Security appliance, configure the appliance to serve the PAC file through port 80.
Step 1 Choose Security Services > Web Proxy and delete port 80 from the HTTP Ports to Proxy field.
Step 2 Use port 80 as the PAC Server Port when you upload the file to the appliance.
Step 3 If any browsers are manually configured to point to the web proxy on port 80, reconfigure those browsers
to point to another port in the HTTP Ports to Proxy field.
Step 4 Change any references to port 80 in PAC files.
02-14-2017 03:34 PM
It has been confirmed as a new defect in version 10.1.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvd07663
Please rate or mark the question as answered if this helps.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide