Hi,
We have the following problem with our cloud proxy. We have a "partnership" with some companies that have applications that check on an IP address to decide whether to allow the user or not. Now this used to be the IP address of our firewall, obviously with the cloud proxy this doesn't work anymore.
The solution we've been trying to get to work is to do a bypass for that site and then allow HTTP and/or HTTPS traffic to that site in the firewall (since port 80 and 443 are closed for everyone).
We're using a .pac file for this, found in one the symantec guides.
// *****************************************************************
// Specify remote URLs that are trusted and don't require proxying
// and should be bypassed when roaming.
// *****************************************************************
if (shExpMatch(host, "*.download.microsoft.com") ||
shExpMatch(host, "*.windowsupdate.com") ||
shExpMatch(host, "*.windowsupdate.microsoft.com") ||
shExpMatch(host, "windowsupdate.microsoft.com") ||
shExpMatch(host, "*.update.microsoft.com") ||
shExpMatch(host, "update.microsoft.com")
{
if (debug) alert("PAC: BYPASS: Windows Update: " + host);
roaming = direct;
}
But this doesn't seem to work, when we put debug on we can see several websites have different domains, sometimes we also get a popup windows that says "BYPASS" and then one followed by "Proxy CSP" for the same domain/url. And in the firewall logging we can see no activity at all.
Is there something wrong with this code? I'm a bit confused with the //comment aswell as it says "when roaming", does the bypass only work when roaming?
Or is there a better way to do this? Other than asking all the companies to allow the ranges of the cloud proxy, which is not possible most of the times.
Thanks