Skip to main content
Jamf Nation, hosted by Jamf, is the largest Apple IT management community in the world. Dialog with your fellow IT professionals, gain insight about Apple device deployments, share best practices and bounce ideas off each other. Join the conversation.

Managing Proxies in a complicated environment

Posted: 5/19/17 at 2:39 PM by yves

I'm looking for a way to make this work. In Windows, we use a powershell script that continuously run and monitors for network changes, sets proxy based on your network segment.

I suspect we can achieve this with a script teamed up with an Offline Policy, set on Logon and Network State Change.
Use network segments in the scope to define 'limitations' for which proxy they will get. (we have two)

What I can't figure out is this.
If I use exclusions for those same network segments I'm applying it to, will this remove the proxy, or will I need another script to disable it on a cloned policy (but using exclusion instead of limitations)

We will have users connected through various ethernet adapters to the LAN (Docking stations, USB-C to Ethernet, etc...). There is no real way to predict which will be used. Is there a way we can target ANY network interface that is connected?

CCA Badge

Posted: 5/19/17 at 3:09 PM by charles.hitch

So one way you might be able to address this is to use a auto proxy configuration pac file. This could be hosted on a web server that could have some logic based on the connection to provide the correct proxy configuration settings. That way on network it would grab the proxy file and adjust accordingly. Off network (say at home) it wouldn't be able to connect to the web server and would default to a direct connection. You can set all network adapters to use the auto config script (note this is very different from auto detect proxy). This isn't the way we have done it, but theoretically its possible.