If the auto discovery function fails, Firewall Client disables itself and starts to pass all WinSock calls straight through without remoting them to the ISA Server computer as it typically does. During this time, Firewall Client continues to try to detect the ISA Server computer every time a program makes a WinSock call.
For auto discovery to work, you must configure the network to support it. WSPAD uses Web Proxy Auto Detect (WPAD) to find resources. The DHCP option 252 (WPAD) is used to send WSPAD information to the client computer. This option holds a string value. The string is the URL that points to a file that contains one or more WinSock Proxy server addresses. DHCP option 252 is typically used as a registration and query point for discovery of printers, Web proxies (through WPAD), timeservers, and many other network services.
The client obtains the value of this DHCP option by using the value that was sent to the DHCP client during client initialization or during a refresh operation. The client has to specifically request this option. Firewall Client that is installed on clients that allow remoting of WinSock calls adds this functionality to the client.
The various WPAD discovery methods may return a partial URL. For the client to find the client configuration file (CFILE) that is needed to determine which ISA Server computer to connect to, the following URL format is used:
If the host name is not returned from the WPAD protocol, then the discovery fails. If the WPAD negotiation returns all three values (for example, if you are using the DHCP WPAD URL option), WSPAD parses this URL to find the host, port, and relative path of the WPAD configuration file, and then retrieves the WSPAD.DAT. file name that it appends the URL to construct the final WSPAD URL.
NOTE: If both WPAD and WSPAD are used, you must place both configuration files in the same folder path.
The WSPAD CFILE informs the WinSock Proxy client of all available WSP servers in the array, and supplies additional parameters such as a load factor and a state flag to aid the server selection. The WSPAD CFILE contains an explicit Time to Live (TTL) entry. After the TTL period expires, the WinSock Proxy client purges the CFILE and attempts to retrieve a new CFILE.
The format of the CFILE is the same as the Mspclnt.ini file. It includes parts of the Servers and IP Addresses section. This entire section is included in the WSPAD.DAT file. This section contains IP addresses of the servers in the array or a single DNS name. In the Common section, the following three entries are displayed:
- Configuration Refresh Time (Hours) - Time until file refresh check
- Port - Control port on the WSP server
- ServerVersion - Version of the WSP server (and WSP protocol)
Configuration Refresh Time (Hours) = 3
Port = 1745
ServerVersion = 11
Article ID: 260210 - Last Review: Oct 29, 2008 - Revision: 1