Secure Access Help Center

Customize the Secure Access PAC File

The Cisco Secure Access PAC file contains the list of internal domains that are managed by the administrator of the Secure Access organization. Web traffic to internal domains is not sent to the secure web gateway (SWG). For more information about internal domains, see Manage Domains.

After you customize the Secure Access PAC file, you can deploy the PAC file. For more information, see Deploy the Secure Access PAC File for macOS and Deploy the Secure Access PAC File for Windows.

This guide describes how to customize the Secure Access PAC file.

Custom PAC Files

To bypass additional internal domains on the SWG, create custom PAC files.

  • You can customize the Secure Access PAC file and host the custom PAC file on a web server in your environment. For more information about hosting a PAC file in your environment, see your web server’s documentation, or
  • You can upload your own custom PAC files to Secure Access. For more information, see Upload Custom PAC Files to Secure Access.

Secure Access supports IP-based domains. However, you must enter the IP in the browser’s address bar as the domain portion of the URL. For example, https://1.2.3.4/URLpath/. The PAC file does not resolve a domain to IP before matching an IP-based domain for bypass.

Table of Contents

Prerequisites

  • Full Admin user role. For more information, see Manage Accounts.
  • To download the Secure Access PAC file or custom PAC files, connect to Secure Access on a Registered Network.

Procedure

Copy the Secure Access PAC File URL. Then, enter the PAC file URL in your browser and download the PAC file. Open the PAC file in an editor and update the file.

Copy the Secure Access PAC File

  1. Navigate to Connect > End User Connectivity > Internet Security.

  2. For Secure Access PAC File, click Copy to get the PAC file URL.

Download the Secure Access PAC File

  1. Paste the copied PAC URL into a browser's address bar and then press Enter or Return to download the PAC file.

Edit the PAC File

  1. Open the downloaded PAC file with a text editor.
  2. Add the internal domains that the web proxy will bypass to the PAC file, and then save the file.
    Note: Provide a comma-delimited list of domain names and surround each domain name in the list with quotation marks. The wildcard character asterisk * is supported and treated as any value of any length. Use extreme caution when using this wildcard as well as periods. For example, *.example.com bypasses www.example.com, mail.example.com, and c.23.example.com. *example.com bypasses www.example.com as well as phishingexample.com.
  3. Save the PAC file.
function FindProxyForURL(url, host) {

        //------------------------Customer Section------------------------
        //Add your internal domains within quotations marks like "wwwin.acme.com"
        //after the right parenthesis below. Please remove the two examples
        //below and add your own internal domains.

        var dont_proxy_customer_list = ["121.12.11.11","*.121.12.11.11","aaa","*.aaa","abc.com","*.abc.com","addingboth.com","*.addingboth.com","alibaba.com","*.alibaba.com","capfix.com","*.capfix.com","capissuefix.com","*.capissuefix.com","ci.com","*.ci.com","example.com","*.example.com","flipkart.com","*.flipkart.com","google.com","*.google.com","internal.com","*.internal.com","internaldomain.com","*.internaldomain.com","nnn.com","*.nnn.com","qeqfqgeag.com","*.qeqfqgeag.com","resolvewithdns.com","*.resolvewithdns.com","something.com","*.something.com","ss.com","*.ss.com","test1.com","*.test1.com","testing.com","*.testing.com","testing2.com","*.testing2.com","testing3.com","*.testing3.com","testnew.com","*.testnew.com","bypassproxy.com","*.bypassproxy.com","external.com","*.external.com","externalexample.com","*.externalexample.com","test.com","*.test.com"];

        //Warning to Administrators: Touching any section after this point might
        //affect your users browsing experience and lead to considerable number
        //of issues and loading your customer support.
        //---------------------End Customer Section-----------------------

        for(var iter = 0; iter < dont_proxy_customer_list.length; ++iter) {
            if(shExpMatch(host, dont_proxy_customer_list[iter])) {
                return "DIRECT";
            }
        }

Deploy the Secure Access PAC File for macOS < Customize the Secure Access PAC File > Upload Custom Pac Files to Secure Access

Updated about 19 hours ago