Manage PAC Files

When configuring Cisco Secure Access Internet Security, you have several choices as to how you can send web traffic to Secure Access. One of those choices is to integrate a proxy auto-config (PAC) file URL for the browsers that you use to reach web resources.

After you integrate a PAC file on a device, all traffic through the browser is redirected to the Secure Access secure web gateway (SWG). With a PAC file deployed on a device, Secure Access DNS-layer security is not enforced on traffic generated in the browser; it applies only to browser traffic to non-web resources, which bypasses the PAC file.

What is a PAC file?

A proxy auto-config (PAC) file is used by browsers to select the correct proxy server that can fetch a requested URL.

Known Limitations

As an administrator, you can download and deploy the Secure Access PAC file only if you are on a network that has been added as a Registered Network to Secure Access. PAC files are not supported for other connection mechanisms.

Recommendations

For the most part, integrating the Secure Access PAC file into your system so that all browser-based traffic is proxied is straightforward. However, you may have to customize the PAC file before integrating it into your system.

Note: Microsoft has deprecated PAC file support for the file:// and ftp:// protocols in Windows 10 on Edge. Hosting the PAC file on the local machine will not work on this browser. For more information, see "Windows 10 does not read a PAC file referenced by a file protocol".

We recommend that you configure the following domains to bypass the proxy and connect directly, and that you allow all TCP traffic to them on ports 80 and 443:

  • ocsp.int-x3.letsencrypt.org
  • isrg.trustid.ocsp.identrust.com
  • *.cisco.com
  • *.opendns.com
  • *.sse.com
  • *.umbrella.com
  • *.okta.com
  • *.oktacdn.com
  • *.pingidentity.com
  • secure.aadcdn.microsoftonline-p.com
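
The bypass list above expressed as PAC logic, as an added example that is not the PAC file Secure Access provides. `PROXY_TARGET` is a placeholder for the proxy entry in the PAC file you download, and `isBypassed` is a hypothetical helper; wildcard entries are matched on a label boundary so that a look-alike host such as `notcisco.com` is still sent to the proxy.

```javascript
// Added example, not the PAC file that Secure Access generates.
// PROXY_TARGET is a placeholder (assumption): copy the real return value
// from the PAC file you download from Secure Access.
var PROXY_TARGET = "PROXY swg-proxy.example.invalid:80";

// Exact host names from the recommended bypass list.
var BYPASS_EXACT = [
  "ocsp.int-x3.letsencrypt.org",
  "isrg.trustid.ocsp.identrust.com",
  "secure.aadcdn.microsoftonline-p.com"
];

// Wildcard entries ("*.cisco.com") stored as dot-prefixed suffixes.
var BYPASS_SUFFIX = [
  ".cisco.com", ".opendns.com", ".sse.com", ".umbrella.com",
  ".okta.com", ".oktacdn.com", ".pingidentity.com"
];

// Hypothetical helper: true when the host is on the bypass list.
function isBypassed(host) {
  // Normalise case and a trailing root dot ("www.cisco.com.").
  var h = String(host).toLowerCase().replace(/\.$/, "");
  var i;
  for (i = 0; i < BYPASS_EXACT.length; i++) {
    if (h === BYPASS_EXACT[i]) { return true; }
  }
  for (i = 0; i < BYPASS_SUFFIX.length; i++) {
    var s = BYPASS_SUFFIX[i];
    // The leading dot forces a label boundary, so "notcisco.com" and
    // "cisco.com.example.net" do not match "*.cisco.com". The bare apex
    // ("cisco.com") is not matched either, as with the literal wildcard.
    if (h.length > s.length && h.slice(-s.length) === s) { return true; }
  }
  return false;
}

// Entry point the browser calls for every request.
function FindProxyForURL(url, host) {
  return isBypassed(host) ? "DIRECT" : PROXY_TARGET;
}
```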
