@jonathanlee Hey Jon. Wanted to follow up here. I got WPAD working with the help of an Apache server. Took about 1hr of googling as im not a sysadmin but its working flawlessly. During this process i discovered that SquidGuard does not work well with Transparent mode. This is the need for WPAD comes into play. Really grateful for your help here.

@jeffrey_223 One last note, for Wpad to work with the blocked sites like this. . . [image: 1671035919391-3277a6f1-2f50-4c8b-845c-105902b74bcb-image.png] (Image: Hotjar blocked and splash screen showing) You have to adapt the admin access certificate to be a intermediate, it must use the ca that you created with Squid, or it will give common name errors. Or use a PfSense CA and make a intermediate just for admin access [image: 1671035900568-32c12094-7306-4a3e-9c7b-56f33456a6aa-image.png]

@iorx Me too did you ever find a solution to this?

@impatient https://forum.netgate.com/topic/176445/squid-cache-table-showing-year-1969-over-and-over/3?_=1670984881914 I have the same issue is there any solution to fixing this in a Netgate 2100 max? Everthing else works caching url blocking Clam AV SSL intercept and Clam AV. This log just shows 1969 After the helper starts or clear cache is ran it shows the right date and after it goes right back to 1969

@lakitu78 I have hits, and refresh unmodified showing in the logs above. But is this for registration of users?

@persia1364 Yes I believe that you can install Squidguard, configure the LDAP integration and then filter based on usernames but this is not simple and I have not tried it myself.

@cobca I do not know if you are running Squidguard, if so also make sure you have a loopback dummy ACL that lets the firewall and the proxy work. If you do not have this it will fail to reach wpad and will not work correctly as Squidguard will block the redirects. [image: 1670693775198-screenshot-2022-12-10-at-9.35.14-am-resized.png] (Image: My dummy acl) I have mine set up to allow the loopback and the firewalls ip address to talk to one another and also let the wpad work. [image: 1670693895852-screenshot-2022-12-10-at-9.37.56-am-resized.png] (Image: Group acl with loopback and firewall Ip) [image: 1670693938072-screenshot-2022-12-10-at-9.38.33-am-resized.png] (Image: location of group acl that attaches to the dummy acl rules)

@mnoya2 Try this: https://github.com/ahuacate/pfsense-haproxy/blob/master/README.md https://docs.deeztek.com/books/pfsense/page/pfsense-haproxy-softether-vpn https://cbonte.github.io/haproxy-dconv/2.2/configuration.html

@jonathanlee Palo Alto does the same thing with certificates and intercepts on their firewalls. Just set it up ethically and it will work. [image: 1670172011664-virus.png] (HTTPS cloud based virus stopped with use of MITM)

@jonathanlee I wish you could pick what certificate to ignore with this.

@jonathanlee The antivirus is working however it no longer uses the red screen also. What could cause this? [image: 1670088323111-screenshot-2022-12-03-at-9.18.10-am-resized.png] New version of found virus screen [image: 1670088346322-screenshot-2022-12-03-at-9.17.57-am-resized.png] Virus table empty will no longer log files, cleared also to resolve same result no updates are placed into the log file for what virus is found [image: 1670088402393-screenshot-2022-12-03-at-9.17.53-am-resized.png] Image shows that viruses are caught in https still Eciar test found however it is not logging anything and the red splash screen is gone