WPAD is working or not

  • Article

Some background about WPAD, before I start the core discussion.As per https://technet.microsoft.com/en-us/library/cc713344.aspx

ISA Server uses the Web Proxy Automatic Discovery (WPAD) protocol, which allows automatic discovery of Web Proxy servers. ISA Server uses WPAD to provide a mechanism for clients to locate a WPAD entry containing a URL that points to a server on which the Wpad.dat and Wspad.dat files are generated. The Wpad.dat file is a Java script file containing a default URL template, constructed by Internet Explorer. The Wpad.dat file is used by Web Proxy clients for automatic discovery information. The ISA Server WinSock Proxy Autodetect (WSPAD) implementation uses the Wpad.dat file, and creates a Wspad.dat file to provide automatic discovery information to Firewall clients. For more information about the WPAD protocol, see the Web Proxy Auto-Discovery Protocol document.

 Above article also explains how WPAD option is configured in DHCP as well as in DNS and how browser uses WPAD to get wpad.dat which had the script that tells the browser who is the proxy server and how to route the web requests through proxy server and when to by pass the proxy server.

This post is about when you know that you have configured your DHCP server with option 252 and whenever you use autodetect as proxy setting in your  browser its not able to access internet(in case the client machine is not secureNAT client).

In order to find out if WPAD option is configured properly and the client machine is able to get the option 252 from the DHCP server we can use FWC tool that comes with TMG/ISA firewall client and its located at "C:\Program Files (x86)\Forefront TMG Client"

above is the sample when we are able find WPAD and WSPAD. Lets also have a look at this Scenario when Browser is not able to detect the WPAD and we can use FWCtool to find out whats going on

If we take network monitor trace while doing this test we will see following DHCP inform packet with request for WPAD

 

and reply from DHCP server does not have the option 252 for WPAD

Resolution

In this particular scenario we had to reconfigure DHCP option 252 and after that issue got resolved.

Comments

  • Anonymous
    January 01, 2003
    Thanks Yuri

  • Anonymous
    January 01, 2003
    Well done Suraj, I'm proud of you my friend :)

  • Anonymous
    August 29, 2012
    Great article!

  • Anonymous
    February 28, 2014
    I wrote a blog post on WPAD some time back to be specific this one http://blogs.technet.com/b/sooraj

  • Anonymous
    August 04, 2014
    pretty much a very poor recycle of another MS whitepaper why did you bother.

  • Anonymous
    July 27, 2015
    is there any way to trace at the client machine level wether its reaching at dhcp to get the wpad

  • Anonymous
    February 16, 2016
    so where is part 4?