Automatic Proxy Detection/wpad.dat

I recently had the opportunity to setup Automatic Proxy Detection for a customer. I’d never taken the time to figure it out before. It worked in both IE and Firefox and was kinda neat.

It turns out that when you start your web browser and you have automatic proxy detection enabled it attempts to find a file at the URL http://wpad.yourdomain.tld/wpad.dat. In my case it would try for If that file is found it runs the javascript in it and sets the proxy settings to however they are defined in the wpad.dat file. Here’s what we did. I’m using as my domain to protect the guilty.

Create a DNS Record

We created a CNAME for that pointed to a web server. In this case a Microsoft Small Business Server 2003 running IIS. An A record would work okay too but given the fact that this will probably never be a server’s primary name record a CNAME made sense to me.

Create wpad.dat

Now you need to create your wpad.dat file. We found several examples on the web. Here’s an example. Google can help you find more:

function FindProxyForURL(url, host)


if (shExpMatch( host, “192.168.1.*” )

|| shExpMatch( host, “127.*” )

|| shExpMatch( host, “localhost” )

|| shExpMatch( host, “*” )

|| isPlainHostName( host )

|| dnsDomainIs( host, “” )) {

return “DIRECT”;


return “PROXY;”;

The first section inside the if block tells the browser to connect to the destination server directly if one of those conditions are met. You’d normally do this to bypass your proxy for a host on the local LAN. The second section is where you define the proxy for use with everything else. It’s just a javascript function so you could probably go pretty crazy with the thing if you wanted to.

Once you’ve created your file copy it to the root of your web server. One thing that we noticed was that IIS wouldn’t server the file initially because it didn’t have a mime type for a .dat file. So we added a mime type of application/x-ns-proxy-autoconf for .dat files and we were good to go.

Create a DHCP Scope Option

The last thing we did was create an option in our DHCP scope to define where your wpad.dat file is. I don’t believe his isn’t strictly necessary since a machine should generally attempt to connect to a host called wpad in its own domain. I see it as a good idea though because you might run into issues if you ever have guest machines on your network or if you are using some sort of split DNS tunneling over a VPN client or something like that. It was a recommended step so we did it in DHCP on a Windows Small Business Server 2003.

Create an Option 252 Entry in DHCP

To create an Option 252 entry in DHCP, do the following.


Click Start, point to Programs, point to Administrative Tools, and then click DHCP.


In the console tree, right-click the applicable DHCP server, click Set Predefined Options, and then click Add.


In Name, type WPAD.


In Code, type 252.


In Data type, select String, and then click OK.


In String, type http://Computer_Name:Port/wpad.dat where:

Computer_Name is the fully qualified domain name of the web server computer.

Port is the port number on which automatic discovery

information is published. You can specify any port number. By default it uses port 80.


To add the option to the scope right-click Scope options,under the scope you want to add it to and then click Configure options.


Confirm that the Option 252 check box is selected.

Unless I left something out, that about does it. All you should have to do is to check the Automatic Proxy Detection box in your browser and you should be good to go. In Internet Explorer you can sort of push this setting down via GPO. Of course it’s one of those whacked out policies that users can mess with if they know how. In Firefox I am not aware of a way to automate this but I’m sure somebody’s written something.


1 thought on “Automatic Proxy Detection/wpad.dat”

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.