Creating a WPAD entry in DNS
Updated: February 1, 2011
Applies To: Forefront Threat Management Gateway (TMG)
You can configure a DNS entry on the DNS server of the domain controller of the network, from which automatic discovery requests from clients will be received (usually the Internal network), as follows:
Configure a host (A) record for the WPAD server. It is recommended to reserve a static DNS host name for WPAD, as described in Microsoft article 934864: How to configure Microsoft DNS and WINS to reserve WPAD registration (http://go.microsoft.com/fwlink/?LinkId=180364).
Create an alias (CNAME) record to point at the host record (as described in the following procedure).
To configure an alias for WPAD entry
Click Start, point to All Programs, point to Administrative Tools, and then click DNS.
In the console tree, right-click the forward lookup zone for your domain, and then click New Alias (CNAME).
In Alias name, type WPAD.
In Fully qualified name for target host, type the FQDN of the WPAD server. If the Forefront TMG computer or array already has a host (A) record defined, click Browse to search the DNS namespace for the Forefront TMG server name.
The DNS Server role in Windows Server 2008 introduces a global query block list to reduce vulnerability associated with DNS dynamic update protocol. This may affect WPAD deployment.