Description
This article explains about how to configure the proxy auto-config (PAC) file in FortiGate firewall to bypass the traffic through explicit proxy
Scope
A proxy auto-configuration (PAC) file is a text file that instructs a browser to forward traffic to a proxy server, instead of directly to the destination server. It contains JavaScript that specifies the proxy server and optionally, additional parameters that specify when and under what circumstances a browser forwards traffic to the proxy server. For example, a PAC file can specify on what days of the week or what hours of the day traffic is sent to a proxy, or for which domains and URLs traffic is not sent to a proxy
Solution
GUI syntax :
- Go to -> Network -> Explicit proxy -> Enable [ proxy auto-config (PAC) ]
- Edit the PAC file content as per your requirement and apply it
function FindProxyForURL(url, host) {- Configure the PAC file setting on client browser
// our local URLs from the domains below example.com don't need a proxy:
if (shExpMatch(url,"*.example.com/*")) {return "DIRECT";} - based the domain through proxy
if (isInNet(host, "172.31.135.180", "255.255.255.255")) {return "DIRECT";} // - based the server IP through proxy
// All other requests go through port 8080 of proxy.example.com.
return "PROXY example.com:8087; DIRECT"; // <--- make sure that the domain should resolve to proxy IP address
return "DIRECT";
}
- The local server 172.31.135.180 traffic bypassed by explicit proxy
