Skip to main content
sthapa
Staff
sthapa
Staff
April 3, 2019

Technical Tip : How to configure explicit proxy auto-config (PAC) to bypass traffic

  • April 3, 2019
  • 0 replies
  • 33322 views

Description

 

This article describes how to configure the proxy auto-config (PAC)  file in FortiGate firewall to bypass the traffic through explicit proxy

Scope


A proxy auto-configuration (PAC) file is a text file that instructs a browser to forward traffic to a proxy server, instead of directly to the destination server. It contains JavaScript that specifies the proxy server and optionally, additional parameters that specify when and under what circumstances a browser forwards traffic to the proxy server. For example, a PAC file can specify on what days of the week or what hours of the day traffic is sent to a proxy, or for which domains and URLs traffic is not sent to a proxy.

 

Solution

 

GUI syntax:

  • Go to Network -> Explicit proxy -> Enable [ proxy auto-config (PAC) ].

 

  • Edit the PAC file content as required and apply it.

 

 
Sample PAC file code:
 
function FindProxyForURL(url, host) {
   // the local URLs from the domains below example.com do not need a proxy:
    if (shExpMatch(url,"*.example.com/*"))       {return "DIRECT";}    -  based the domain through proxy
  if (isInNet(host, "172.31.135.180", "255.255.255.255")) {return "DIRECT";} // -  based the server IP through proxy

   // All other requests go through port 8080 of proxy.example.com.
   return "PROXY example.com:8087; DIRECT";  // <---  make sure that the domain should resolve to proxy IP address
   return "DIRECT";
}-
 
Configure the PAC file setting on client browser.

 
Result:
  • The local server 172.31.135.180 traffic is bypassed by explicit proxy.
 
 
  • The traffic is blocked by the explicit proxy.

 

    Terms & ConditionsAccessibility statement