Hi,
We wanted to ensure all DA traffic goes via our internal proxy, so I've set a DA proxy by using the command below on both of my 2012 R2 DirectAccess servers and I've enabled force tunnelling via the GUI.
Set-DAClientDNSConfiguration –DNSSuffix ‘.’ –ProxyServer squid.contoso.com:8080
My understanding is that this would force all of my DA clients to browse the web via "squid" proxy server and use port 8080.
Since then, for various reasons, we've implemented a PAC file and applied it to our DA clients. This works fine, but the PAC references http://squid2.contoso.com:8080/proxy.pac
Again, DA works fine with each client going through the proxy whether they are on the LAN or over a DirectAcess connection. I have 2 questions:
1. From the DA server, if I run "Get-DaClientDnsConfiguration" I see an entry as shown below for my squid2 proxy.
namesapace - "{.}", DADnsServer - IPV6 address of DA server, DirectAccessProxyName - squid:8080, DirectAccessProxyType - UserProxyName
How can I remove the DirectAccessProxyName from the DA configuration? remove-DAClientDNSConfiguration doesn't support the ProxyServer switch, commands similar to below do not work. Can the ProxyServer only be blanked with a GPO or regedit?
"Set-DAClientDNSConfiguration –DNSSuffix ‘.’ –ProxyServer null" or "Set-DAClientDNSConfiguration –DNSSuffix ‘.’ –ProxyServer "" "
From my Windows 10 DA client, if I run "netsh winhttp show proxy" I get "Direct access (no proxy server)", which is odd, but consistent with a number of other people's experience according to Google. Any ideas why Windows doesn't show the
proxy at the command line?
Where is the proxy information stored? Running "Set-DAClientDNSConfiguration " sets the proxy, but if I search for "squid" in the registry or the DA GPOs, I can't find it.
Thanks in advance
