Ugh. No, not adding any such thing to the package. Needed for what? More complex code and more mess?

(Beyond the fact that you could easily add it yourself to some of the advanced/custom confgi fields, what sense does this make on an appliance that provides a single, non-customizable partitioning scheme for everyone?)

Thanks, will do.

in last update squid now its good work but i dont update pfsense to 2.3.3-1

Never seen it. And no, apparently there's no way to fix it automatically, as you can see from the output.

We mark the "Remember my credentials" on the user/password prompt on Outlook and Remote Desktop Client, but don't works.
It is very annoying for the users.

This really cannot be caused by Squid, Squid won't even run until it's configured and enabled via the GUI.

I'm using squid with domain authentication + squidguard , but if I enter the whitelist Skype does not work
if I do I disable squidguard Skype works  :-\

thats what i was thinking, thank you

Hi,

Why did you create another thread?
It's best to just add your comment into an existing thread if it exists instead.
Spreading the same issue in the forum decreases it's value and causes mod's / the people you want not to respond to it.

Transparent proxy will filter HTTP (port 80). It can only do content filtering for HTTPS with MITM and certificate installed on all clients.

Yeah, for reverse proxy HAproxy is strongly preferred. Much more flexible than Squid.

Squid is both Proxy and Reverse proxy.

For what purpose do you want / need this combination?

Why would you need a second machine?

You probably didn't receive a proper response because you are asking a question that is far to generic and not pointing towards something you actually try to achieve.

Probably no-one responded to this because this is one of the main things you can do with PFSense using HAProxy and even Squid 3 Package.

Go for HAProxy and dive deep into the Doc's and find examples.
It's magic!

Hi Fluxx,

It kindof depends on how professional your setup is.
You will usually have a VIP when you i.e. have two firewalls in a redundant setup.
If one fails the other one takes over and the both will normally have different IP addresses.

For this reason a Virtual IP is used as a listening address.
If one firewall fails the other firewall will start Listening on the VIP address causing all traffic to be routed through that firewall.

If you have a single firewall setup; I'd forget about it.
The WAN rule will need to be arranged depending on where you want it to listen on.
If you're using a VIP; you'll want to be using the VIP to listen on.
If not I'd advise to use WAN since This Firewall is in fact comparible to any IP the firewall serves (I believe even 127.0.0.1)

Hmm make sure to setup a proper ACL and get to know regular expressions (www.regexr.com)

Example for mysite:

And ACL

And Actions

Squid users have really nothing in common with captive portal users nor with users set up in System - User Manager. Completely confused about what you are trying to do there.