cancel
Showing results for 
Search instead for 
Did you mean: 

Netskope Client and PAC files

MM_NS
Netskope
Netskope

If you have PAC files or WPAD deployed to user base here are recommended settings:

 

1. Following traffic needs to go via PAC
 
 
2. Following traffic needs to go DIRECT
dns.google
 
 
3. Do not use Netskope consolidated IP ranges in the PAC file. If you add global range the "addon" traffic will also fall under that range.
 
 
Sample PAC file:
 
Here is a typical PAC file syntax. Check what's the ultimate "return" statement. The address "163.116.128.80:8080"  in this PAC file is the Netskope Explicit Proxy over Tunnel IP address. 
 

{

<snip>

..

..

/* Don't proxy to access to Netskope URLs for clients     */

      if (shExpMatch(host, 'gateway-<TENANT_NAME>.goskope.com'))

         { return 'DIRECT'; }

(repeat for the other domains in # 2 above)

<snip>

...

...

 

/* Use on-prem proxy unless client IP is in scope for cloud proxy */

/*      if (isInNet(clientIP, '10.102.4.0', '255.255.255.0')      */

/*          || isInNet(clientIP, '10.102.16.0', '255.255.255.0')  */

/*        { return 'PROXY 163.116.128.80:8080; DIRECT';}    */

 

/* When not handled above, use on-prem proxy */

       return 'PROXY bcproxy.TENANT_NAME.com:80; DIRECT'; }

 
 

Contact your Bluecoat or PAC file administrator for the syntax in your version of the PAC file. Most PAC files have a If and 

 

1 REPLY 1
Rohit_Bhaskar
Community Manager
Community Manager

Thanks for sharing with our Netskope community @MM_NS 😀

In order to view this content, you will need to sign in to your account. Simply click the "Sign In" button below

Sign In