Cisco Cisco ScanSafe Wi-Fi Hotspot Security Livre blanc

Cisco CWS

– Standalone Deployment Guide

Test

Deploy

Prepare

Step 4:

Open a new browsing session and paste the URL in the address bar to see if the file opens in

the browser or returns the download dialogue. If either of these occur, then the browser has access to
the PAC file.

Step 5:

Browse to

http://whoami.scansafe.net

. Take note of the external IP.

Step 6:

Open another tab and browse to

whatismyip.com

. Take note of the external IP.

Step 7:

Check the PAC file exception by browsing to

whatismyip.com

. Notice that it returns the true

egress IP. That’s because the PAC file exception circumvents the Cisco Cloud Web Security Service
entirely.

*Note: PAC file exceptions should only be made when the endpoint required is your true egress IP or
for a service that is not compatible with a proxy. PAC file exceptions should only be made for trusted
entities.

Step 8:

Log on to the Cisco Cloud Web Security portal at

https://scancenter.scansafe.com

. Click the

Admin tab.

Step 9:

Mouse over Management and select Hosted Config. Click the Upload Config subtab.

Step 10:

Make sure the resource format is set to PAC. The file name should be unique, contain only

alphanumeric characters, and have a file extension of PAC.

Step 11:

For file upload, click Browse and select the PAC file that was tested locally. When finished,

click Upload.

Step 12:

Notice the portal returns to the Manage Config subtab. Click on the icon of the uploaded

PAC file.

Step 13:

Check the active box and then select Save. Use this process to upload new PAC files, not

for modifications or changes to existing PAC files.

Step 14:

To make changes to existing PAC files, from the Edit Config subtab, use the upload area to

upload the updated version of the PAC file.

Figure 2.2