Home » Administration, Computers and IT, Forefront TMG, Microsoft, Security

WPAD & Proxy Timeout Issue

Submitted by on December 2, 2010 – 8:58 amNo Comment

If you’ve been following, I’ve recently been playing with Forefront Threat Management Gateway 2010, the “new” ISA Server.

Now, for all intensive purposes, everything is configured correctly. There’s a virtual IP for the proxy array (let’s say, 192.168.0.10), and the WPAD file is published, and contains the IP addresses of both proxies (let’s say, 192.168.0.11 and 12). The DNS and DHCP records are created, pointing clients to wpad/wpad.dat

If I configure IE to point directly to the proxy’s virtual IP or it’s statically configured DNS A record, it all works fine.

Something’s not right. Internet Explorer successfully picks up the WPAD file, but from there, it doesn’t work. Why?

Well, after days of trying to figure it out, it turns out to be something very obvious. The client PC’s I’m using are in different VLAN’s.

Connecting via telnet to the virtual IP on port 80 works fine, connecting to the individual proxies in the array times out.

I guess I have to open up the firewall to allow port 80 to the individual proxies!

Leave a comment!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Be nice. Keep it clean. Stay on topic. No spam.

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> <pre lang="" line="" escaped="">

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.