Did you check the Firewall->NAT->outbound
if you setup manual outbound nat you have to enter the mappings in there manually if its setup as Hybrid (my choice) then new interface mappings are automatically added and you can also enter manual ones.

Perhaps a problem with squid and SNI?

https://forum.pfsense.org/index.php?topic=111418.0

https://forum.pfsense.org/index.php?topic=123223.0

As doktornotor likes to say, this thread is starting to stink.

Thank you.

I have this:
http://www.dell.com/support/home/us/en/19/product-support/servicetag/3f47c5j/diagnose

What kind of smart switch is available?

@GhostRunner:

But if I relocate the pfSense box how do I connect to it from an office that is upstairs?

The assumption would be Ethernet but I'm guessing your house isn't wired for it. If you have coaxial television outlets in the office and near your router you can use a pair of MOCA-Ethernet adapters (https://www.actiontec.com/products/home-networking/ecb6200/) to create an Ethernet link over the coaxial cabling.

@stephenw10:

That looks like an issue entirely within VBox if it's between the host and the guest. That traffic never goes through pfSense.

Try an iperf test between pfSense and the host on VLAN30 to confirm that.

Steve

you are right. iperf from and to the router is "fast" (in quotes because it's a gigabit line, but it does only 596 Mbit/s):

[2.4.0-RC][admin@rutter.in.tern.al]/root: iperf -c 192.168.30.10 ------------------------------------------------------------ Client connecting to 192.168.30.10, TCP port 5001 TCP window size: 64.2 KByte (default) ------------------------------------------------------------ [  3] local 192.168.30.1 port 57809 connected with 192.168.30.10 port 5001 [ ID] Interval      Transfer    Bandwidth [  3]  0.0-10.0 sec  711 MBytes  596 Mbits/sec [2.4.0-RC][admin@rutter.in.tern.al]/root:

So it's a VirtualBox problem. Thanks stephenw10!

strip_query_terms off

Tried the above settings and I didn't get the result I needed. I can see the full address if i go to Squid proxy server / real time but the word/phrase thats been searched and user that searched it needs to be logged.

Anyone got any suggestions?

It seems like the answer to this depends on the relative performance of your pfSense box vs. the RV340 and the cost of upgrading the former vs. purchasing the latter. It's hard to see how combining them would be advantageous unless your pfSense box is significantly underpowered for gigabit (but if that is true it's not going to be very good to use as a firewall)

You can do that, forward requests to the correct server based on the host-header, using Reverse Squid or HAProxy.

HAProxy is more capable but potentially more complex: https://doc.pfsense.org/index.php/Haproxy_package

Steve

Hi everybody,
Someone have an idea to solve this problem?

Thanks in advance
Jack

It sounds like you have some sort of asymmetric route happening. You may be seeing an ICMP redirect that allows the traffic to pass until it times out.

You need to trace where that syn/ack from the timeclock is going or if the syn ever reaches it.

The first thing I would do though is check the pfSense firewall logs for blocked flagged or outbound traffic.

Steve

Fixed.  Browser issue.

I'd start your toubleshooting with the  NICs: https://doc.pfsense.org/index.php/Tuning_and_Troubleshooting_Network_Cards

Try searching the forum for your specific NIC or chipset

@dvs23:

Well, buying a managed switch is no problem, I just cannot add a second wire to the APs… So I thought it would be unnecessary..

A VLAN to an access point is the usual method for multiple SSIDs.  A common configuration is to have the native LAN used for normal users and the VLAN for guests, who are only allowed to access the Internet.