James Yonan wrote:
I took a look at the expired internet draft for WPAD. My first thought is
that a VPN is going to have extra requirements than a browser in terms of
using WPAD as a dynamic reconfiguration tool. OpenVPN may or may not use
a proxy. It may want to use UDP or TCP depending on where it is
connecting from. In some cases it may want to disable itself completely
if the host machine is plugged into the corporate LAN.
Now on the other hand if you only want to add WPAD support to OpenVPN's
existing proxy capability, it shouldn't be very difficult.
The reason I brought it up was that some of our Windows products got
burnt by us claiming "use IE's proxy settings" - when all we were
actually doing was looking up Registry keys for a hostname and port
number. Some companies (ourselves included) use WPAD to set the proxy
settings, and such a simplistic approach fails. And the end user is left
wondering "IE works for me, I told Product-X to use IE settings, and it
doesn't work. Huh?!?!?!"
So I'm not really going on about OpenVPN - it's more the statement "use
IEs proxy settings". Perhaps the Windows client could remove that
option, and instead pre-fill the manual proxy settings with what it
finds in the Registry. That way it looks like it "magically" figured out
the proxy server, and if it's wrong/empty, the user can override it.
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1
Openvpn-users mailing list