Issues with WPAD not working for me.
-
I configured WPAD in DHCP settings and the DNS resolver as well.
with this config:
**function FindProxyForURL(url, host)
{
if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "192.168.1.1", "255.255.255.0"))
return "DIRECT";return "PROXY 192.168.1.1:3128";
}**
and in DHCP settings its configured :number: 252 type: string value: "http://wpad/wpad.dat"
number: 252 type: string value: "http://wpad/wpad.da"
number: 252 type: string value: "http://wpad/proxy.pac"and in DNS resolver :
Host: wpad
Domain: my domain name
IP Address: 192.168.1.1
Description: WPAD Autoconfigure HostFor some reason I can not download the files when i browse to them in chrome.
When i do a nslookup wpad i get this below :
**C:\Users\cw>nslookup wpad
Server: pfsense.local*** pfsense.local can't find wpad: Non-existent domain**
Also when i Curl i get this error below:
[2.3.3-RELEASE][admin@CaesarsNetwork.CEEsNETHOME]/root: curl http://wpad/proxy.pac
curl: (6) Could not resolve host: wpadI also updated the mime types just to be safe even though i dont think i needed to.
I still can not get this to work to be ale to block HTTP and HTTPs traffic via squid-guard. Any help or a place to look and see what is going on would surely be appreciated.
-
Where are you placing the wpad files..? It's probably best to serve wpad files from a webserver other than the one on PFSense.
-
function FindProxyForURL(url, host)
{
if (isPlainHostName(host) ||
shExpMatch(host, "*.local") ||
isInNet(dnsResolve(host), "192.168.1.1", "255.255.255.0"))
return "DIRECT";return "PROXY 192.168.1.1:3128";
}try
function FindProxyForURL(url, host) { if (isPlainHostName(host) || shExpMatch(host, "*.local") || isInNet(dnsResolve(host), "192.168.1.0", "255.255.255.0")) return "DIRECT"; return "PROXY 192.168.1.1:3128"; }
have a read though here https://forum.pfsense.org/index.php?topic=112335.0
-
Corrosive: I placed the files here : /usr/local/www.
aGeekHere: I am updating the files right now and will update you once its done.
-
IIRC, WPAD doesn't work with HTTPS so if you're using pfSense to serve them then you should be running WebGUI in HTTP mode.
-
@KOM:
IIRC, WPAD doesn't work with HTTPS so if you're using pfSense to serve them then you should be running WebGUI in HTTP mode.
i understand that. My WEBGUI is on port 8800/HTTP.
it still is not working after going through you guide exactly given from Ageekhere.
Also just FYI. I notice the files all are able to be downloaded in the browser, when i use my external windows 2016 webserver that I run on my VM, but im not sure of the configuration after that for http and https blocking in pfsense.
i am wondering if its something going on somehwere else when trying to use pfsense as the webserver. -
one thing I am noticing is that when i go to http://192.168.1.30/wpad.dat in my browser it downloads, but when i access http://wpad/wpad.dat it seems to not work. Could this be an issue with DNS resolver?
-
why do you need the host as wpad? on most setups, the wpad url includes the ip address.
-
I was following the steps in the guide created by ageekhere to be able to filter HTTPS traffic.
https://forum.pfsense.org/index.php?topic=112335.0
One thing that is happening is when i enable the DNS host override it will not block any sites.
I wanted to do the WPAD so I would not have to do the MITM setup in the proxy. but at this point all I can get to work is the WPAD disabled with Transparent proxy enabled but of course its not blocking HTTPS traffic. -
One thing that is happening is when i enable the DNS host override it will not block any sites.
The DNS override on it's own does not block sites.
but at this point all I can get to work is the WPAD disabled with Transparent proxy enabled
Did you follow all the steps? it should work.
-
I followed every step to the T!
its crazy even when i try to browse to : http://192.168.1.1/wpad.dat or .da , or the proxy.pac file they are not downloading at all in chrome or IE.
-
Do you have auto configure enabled in internet options?
-
Have you tried setting dns suffix on windows client?
-
I got it working now. I had to use the unofficial WPAD package marcelloc created using nginx and it actually started working as it should. Thanks fellows!