Certain subnets, like VPN client subnets, may need to be excluded from the wpad.dat.
Configure your wpad.dat file to exclude the subnets the VPN clients belong to by adding this line:
if (isInNet(myIpAddress(),"192.168.2.0","255.255.255.0")) return "DIRECT";
The above example tells the clients that belong to the 192.168.2.0/24 subnet to go DIRECT instead of using the Proxy.
Here is an example of a complete wpad.dat
function FindProxyForURL(url, host)
{
if (isInNet(myIpAddress(),"192.168.2.0","255.255.255.0")) return "DIRECT";
if (isPlainHostName(host) ||
isInNet(host, "10.0.0.0", "255.0.0.0") ||
isInNet(host, "172.16.0.0", "255.255.224.0") ||
isInNet(host, "192.168.0.0", "255.255.0.0") ||
isInNet(host, "127.0.0.0", "255.0.0.0"))
return "DIRECT";
else
return "PROXY 192.168.2.218:8080";
};
Cleaner version of the same file:
function FindProxyForURL(url, host)
{
if (isPlainHostName(host) ||
isInNet(myIpAddress(),"192.168.2.0","255.255.255.0") ||
isInNet(host, "10.0.0.0", "255.0.0.0") ||
isInNet(host, "172.16.0.0", "255.255.224.0") ||
isInNet(host, "192.168.0.0", "255.255.0.0") ||
isInNet(host, "127.0.0.0", "255.0.0.0"))
return "DIRECT";
else
return "PROXY 192.168.2.218:8080";
};