Difference between revisions of "How to configure WPAD"

Latest revision as of 12:49, 4 April 2016

* * * THIS PAGE IS UNDER CONSTRUCTION * * *

This How-to will describe how to configure WPAD on IPBrick.

These configurations allow a user to access an Intranet server without needing to use a proxy service as an intermediary and, at the same time, prohibits an external access without a proxy server. The first aspect promotes a better performance and the second one prevents security issues.

Two scenarios will be presented here:

The first scenario will show the configurations for one IPBrick.
The second scenario will demonstrate how to configure WPAD between two IPBrick servers:
- One IPBrick is the Intranet server where DHCP and DNS services will run;
- One IPBrick is the security server where Proxy service will run.

The following examples will explain step by step how to configure a WPAD (Web Proxy Auto-Discovery) for both scenarios.

First scenario

On our first scenario, the aim is to configure WPAD with an IPBrick as an Intranet server, where DHCP and DNS services will run.

In order to do this we have to:

DHCP: activate WPAD.
- Go to Advanced configurations » Support services » DHCP » Subnets » General options;
- On Proxy Auto-configuration, select Yes (by default is set up to No).
Proxy: activate WPAD.
- Go to IPBrick.C » Proxy » Auto-configuration;
- On Auto-configuration » Enable Auto-configuration, select Yes (by default is set up to No).

Note: There is no need to configure anything for DNS because it already points to the server in question.

Second scenario

On the second scenario, the aim is to configure WPAD with an IPBrick as a security server, where Proxy server will run.

So, in this case, we have to servers. One of them is an Intranet server which is connected to our LAN; the other is a communication server that links our LAN to the Internet.

As a practical example, let's call "srv01" to our internal server and "srv02" to the external one; "srv01" lodges DNS and DHCP services and "srv02" acts as a proxy.

To configure our "srv01":
- DNS: it's lodged on "srv01" but it has to point to "srv02".
  - Go to Advanced configurations » Support services » DNS » Domains;
  - Select your domain on Forward zone;
  - Here it is possible to see several configurations but, for our configuration, search for WPAD on the Aliases table;
  - Select WPAD and configure it to your server, "srv02";
  - Repeat these steps but this time search for Proxy on Aliases.
- DHCP: activate WPAD.
  - Go to Advanced configurations » Support services » DHCP » Subnets » General options;
  - On Proxy Auto-configuration, select Yes (by default is set up to No).

Now we have both DNS and DHCP configured on our "srv01", pointing to "srv02".

To configure "srv02":
- Proxy: activate WPAD.
  - Go to IPBrick.C » Proxy » Auto-configuration;
  - On Auto-configuration » Enable Auto-configuration, select Yes (by default is set up to No).

Configuration Hint - Proxy

How to use a proxy to access sites which aren't running on port 80/443

Let's imagine that you want to access http://site.xpto.com:81;
Go to Security » Proxy » Settings » Configurations » Other configurations and on Allowed connections add port 81 as authorized;
Go to Advanced Configurations » Network » Firewall and insert the following General Settings rule:

Rule: INPUT

Interface: ETH1

Protocol: TCP

Origin port: 81

Parameters: ! --syn

Policy: ACCEPT
Apply Configurations;
Use a LAN PC and test now the connection to http://site.xpto.com:81.

@@ Line 1: / Line 1: @@
 {{DISPLAYTITLE:How to configure WPAD}}
-* '''* * * THIS PAGE IS UNDER CONSTRUCTION * * *'''
+'''* * * THIS PAGE IS UNDER CONSTRUCTION * * *'''
-This How-To will describe the configurations needed to do in a scenario where you have two IPBrick servers:
+This How-to will describe how to configure WPAD on IPBrick.
-* One IPBrick is the Intranet server where DHCP and DNS services will run
+These configurations allow a user to access an Intranet server without needing to use a proxy service as an intermediary and, at the same time, prohibits an external access without a proxy server. The first aspect promotes a better performance and the second one prevents security issues.
-* One IPBrick is the security server where Proxy service will run
-This configuration allows a user to access an Intranet server without needing to use a proxy service as an intermediary and, at the same time, prohibits an external access without a proxy server. The first aspect promotes a better performance and the second one prevents security issues.
+Two scenarios will be presented here:
+# The first scenario will show the configurations for one IPBrick.
+# The second scenario will demonstrate how to configure WPAD between two IPBrick servers:
+#* One IPBrick is the Intranet server where DHCP and DNS services will run;
+#* One IPBrick is the security server where Proxy service will run.
-= Configuration =
+The following examples will explain step by step how to configure a WPAD (Web Proxy Auto-Discovery) for both scenarios.
-The following example will explain step by step how to configure a Web Proxy Auto-Discovery.
 == First scenario ==
-On our first scenario, the aim is to configure a WPAD with an IPBrick as an Intranet server, where DHCP and DNS services will run.
+[[File:cenario1.jpeg]]
+On our first scenario, the aim is to configure WPAD with an IPBrick as an Intranet server, where DHCP and DNS services will run.
 In order to do this we have to:
-) Activate WPAD for DHCP:
+# DHCP: activate WPAD.
+#* Go to ''Advanced configurations » Support services » DHCP » Subnets » General options''; [[File:subnets.png]]
-* Go to ''Advanced configurations » Support services » DHCP » Subnets » General options'';
+#* On ''Proxy Auto-configuration'', select ''Yes'' (by default is set up to ''No''). [[File:proxyautoconfiguration.png]]
+# Proxy: activate WPAD.
-[[File:subnets.png]]
+#* Go to  ''IPBrick.C » Proxy » Auto-configuration''; [[File:proxyautoconfiguration3.png]]
+#* On ''Auto-configuration » Enable Auto-configuration'', select ''Yes'' (by default is set up to ''No''). [[File:proxyautoconfiguration2.png]]
-* On ''Proxy Auto-configuration'', select ''Yes'' (by default is set up to ''No'').
-[[File:proxyautoconfiguration.png]]
-) Activate WPAD for Proxy.
-* Go to  ''IPBrick.C » Proxy » Auto-configuration'';
-[[File:proxyautoconfiguration3.png]]
-* On ''Auto-configuration » Enable Auto-configuration'', select ''Yes'' (by default is set up to ''No'').
-[[File:proxyautoconfiguration2.png]]
 '''Note:''' There is no need to configure anything for DNS because it already points to the server in question.
+== Second scenario ==
+[[File:cenario2.1.jpeg]]
+On the second scenario, the aim is to configure WPAD with an IPBrick as a security server, where Proxy server will run.
+So, in this case, we have to servers. One of them is an Intranet server which is connected to our LAN; the other is a communication server that links our LAN to the Internet.
+As a practical example, let's call "srv01" to our internal server and "srv02" to the external one; "srv01" lodges DNS and DHCP services and "srv02" acts as a proxy.
+# To configure our "srv01":
+#* DNS: it's lodged on "srv01" but it has to point to "srv02".
+#** Go to ''Advanced configurations » Support services » DNS » Domains''; [[File:DNSdomains.png]]
+#** Select your domain on ''Forward zone''; [[File:aliases.png]]
+#** Here it is possible to see several configurations but, for our configuration, search for WPAD on the ''Aliases'' table; [[File:WPAD.png]]
+#** Select ''WPAD'' and configure it to your server, "srv02"; [[File:WPADsrv02.png]]
+#** Repeat these steps but this time search for ''Proxy'' on ''Aliases''. [[File:proxysrv02.png]]
+#* DHCP: activate WPAD.
+#** Go to ''Advanced configurations » Support services » DHCP » Subnets » General options''; [[File:subnets.png]]
+#** On ''Proxy Auto-configuration'', select ''Yes'' (by default is set up to ''No''). [[File:proxyautoconfiguration.png]]
+Now we have both DNS and DHCP configured on our "srv01", pointing to "srv02".
+#To configure "srv02":
+#* Proxy: activate WPAD.
+#** Go to  ''IPBrick.C » Proxy » Auto-configuration''; [[File:proxyautoconfiguration3.png]]
+#** On ''Auto-configuration » Enable Auto-configuration'', select ''Yes'' (by default is set up to ''No''). [[File:proxyautoconfiguration2.png]]
+== Configuration Hint - Proxy ==
+'''How to use a proxy to access sites which aren't running on port 80/443'''
+# Let's imagine that you want to access http://site.xpto.com:81;
+# Go to ''Security » Proxy » Settings » Configurations » Other configurations'' and on ''Allowed connections'' add port 81 as authorized; [[File:Proxy_port81.png]]
+# Go to ''Advanced Configurations » Network » Firewall'' and insert the following ''General Settings'' rule:
+#:  Rule: INPUT
+#:  Interface: ETH1
+#:  Protocol: TCP
+#:  Origin port: 81
-Go to ''Advanced configurations » Support services » DNS » Domains''.
+#:  Parameters: ! --syn
+#: Policy: ACCEPT [[File:Proxy_port81a.png]]
-[[File:DNSdomains.png]]
+# Apply Configurations;
+# Use a LAN PC and test now the connection to http://site.xpto.com:81.
-Then, click on your domain on ''Forward zone'' and search for WPAD on the ''Aliases'' table.
-[[File:WPAD.png]]
-Select ''WPAD'' and configure it to your server.
-[[File:wpadconfig.png]]
-Repeat these steps but with ''Proxy''.
-[[File:wpadproxyconfig.png]]
-Now you have both WPAD and Proxy configured to your server.

Difference between revisions of "How to configure WPAD"

Latest revision as of 12:49, 4 April 2016

First scenario

Second scenario

Configuration Hint - Proxy

Navigation menu

Personal tools

Namespaces

Variants

Views

Actions

Search

Navigation

IPBRICK Magic Quad

IPBrick Support

FAQS

Tools