FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sthapa
Staff
Staff
Article Id 189731

Description
This article explains about how to configure the proxy auto-config (PAC)  file in FortiGate firewall to bypass the traffic through explicit proxy

Scope
A proxy auto-configuration (PAC) file is a text file that instructs a browser to forward traffic to a proxy server, instead of directly to the destination server. It contains JavaScript that specifies the proxy server and optionally, additional parameters that specify when and under what circumstances a browser forwards traffic to the proxy server. For example, a PAC file can specify on what days of the week or what hours of the day traffic is sent to a proxy, or for which domains and URLs traffic is not sent to a proxy
Solution
GUI syntax :

- Go to -> Network -> Explicit proxy -> Enable [ proxy auto-config (PAC) ]


 

- Edit the PAC file content as per your requirement and apply it

Sample PAC file code:
function FindProxyForURL(url, host) {
   // our local URLs from the domains below example.com don't need a proxy:
    if (shExpMatch(url,"*.example.com/*"))       {return "DIRECT";}    -  based the domain through proxy
  if (isInNet(host, "172.31.135.180", "255.255.255.255")) {return "DIRECT";} // -  based the server IP through proxy

   // All other requests go through port 8080 of proxy.example.com.
   return "PROXY example.com:8087; DIRECT";  // <---  make sure that the domain should resolve to proxy IP address
   return "DIRECT";
}
- Configure the PAC file setting on client browser

 
Result:

- The local server 172.31.135.180 traffic bypassed by explicit proxy
 
- Blocked traffic by the explicit proxy

 

Contributors