cancel
Showing results for 
Search instead for 
Did you mean: 

Network Connect - Parsing of manual proxy exception is different to IE

Karl_Prince_
Not applicable

Network Connect - Parsing of manual proxy exception is different to IE

Network connect does not parse manual proxy exceptions in same way as IE, which is causing me some pain.

Many directly accessible SSL services (inside and sometimes outside the corporate LAN) have the same naming convention:


vpn1-ssl.example.com, vpn2-ssl.example.com, gw1-ssl.example.com etc... 



  • Some of these services are accessible inside and outside the corporate LAN

  • Some of these services are only accessible from limited parts of the corporate LAN

  • Because of the above the proxy server can not access all of the services

  • Ideally all of the services above would not be accessed via the proxy



So the "obvious exception" manual proxy exception of "*ssl.example.com"  matches all these hostnames, and allows IE to connect to them happily, however at the hand off to "network connect" (which is not used for all the applications on these services) this exception is not matched, and fails to connect as the session is directed at the internet proxy




  • Testing various exceptions, and digging through release notes suggests that three is very limited matching of manual proxy exceptions, basically:

  • full host name of IVE

  • Full IP address of IVE (no wild cards)

  • wildcarding of whole domain suffix e.g. *.example.com



I am for obvious reasons not happy about adding large numbers of hosts to the proxy exceptions, and maintaining them. Whilst it would be better if these devices where in there own subdomain, this is not practically acheivable.

The version of network connect in use is 5.5.0.11711

Whilst I probably have answered my own question, I was wondering if this has addressed in later releases.