• Skype not working

    13
    0 Votes
    13 Posts
    14k Views
    I
    Hi sherwinluissss, I configured pfsense 2.3.2 + squid (transparent with ssl inspection enabled)+ squidGuard. I have couple of issues skype is one of those. call are going fine but it is showing internet issue and not showing user as online it is keep trying to do get the status. can you please let me know how you solved your skype issue with squid. what are the hosts needs to be allowed i allowed skype.com live.com hotmail.com these three are using by skype atthe time of login. could you please help me how to fix this. My second problem is with multiple sip phones trying to connect one external pbx. no voice on incomming calls and no in and outbound voice ext to ext. Thanks in advance. Harry
  • 0 Votes
    12 Posts
    2k Views
    R
    so ok. i got it running. Reinstalled pfSense (this time i selected http) then restored the config (no problems with that) it works now, i can access on http thanks for the help
  • Https filtering

    9
    0 Votes
    9 Posts
    2k Views
    jimpJ
    There is no such thing as a "kosher" certificate for SSL interception (unless you're the Chinese government, if rumors are to be believed). You must use a self-signed CA for SSL interception, and that CA must be installed on clients.
  • Pfsense Proxy NTLM HTTPS block page problem

    3
    0 Votes
    3 Posts
    792 Views
    D
    Ok, so we gonna have to deal with it. Thanks, David
  • PfSense 2.3.2-RELEASE-p1 squidGuard 1.4_15 running at 100% CPU

    25
    0 Votes
    25 Posts
    4k Views
    KOMK
    Good catch.  Glad to hear t's now working as expected.
  • SquidGuard without Squid

    5
    0 Votes
    5 Posts
    2k Views
    KOMK
    Just use squid + squidguard, but set squid's Hard Disk Cache Size to 0 and the Hard Disk Cache System to null.  This is exactly how I use squid.
  • Squid Proxy -> SSL Man-in-the-middle Filtering & SSL CA

    23
    0 Votes
    23 Posts
    24k Views
    I
    Hi , I recently installed and played with this squid and squidGuard on pfsense 2.3.2 (updated with 2.3.2_1). I ran through the same issue. I mean when ever I enabled squidGuard with common ACL CN in certificate issued by  squid is "http" which doesn't make any sense to me. I thought the problem is with patch So I installed pfsense 2.3.2 again and tried it worked fine. But the reason is not patch. I enabled "Do not allow IP-Addresses in URL" this is causing the issue in my case. I just disabled this and tried it is working fine but when ever i try enable this running into issues. But it should be fixed  if it is a real bug. If this works for anyone please let me know I will create this in pfsense bugs list. Thanks, Harry.
  • Install AWStats for squid-cache stats

    1
    0 Votes
    1 Posts
    782 Views
    No one has replied
  • Content of "Target Rules" field is not saved - SquidGuard

    1
    0 Votes
    1 Posts
    396 Views
    No one has replied
  • Can't start squid, squidguard or lightsquid

    5
    0 Votes
    5 Posts
    1k Views
    F
    I just got the squid and squidguard working as it was before (fingers crossed as I still need to do some test) but again, I couldn't have done it without your help will keep the configuration backup suggestion in mind for next upgrade and I'll get a tab screen capture to redo the config which is not that bad. Thank you again! Cheers!
  • 0 Votes
    4 Posts
    1k Views
    D
    Ok, I managed to change my setup to use HTTPS instead, here's my config: global maxconn 1000 stats socket /tmp/haproxy.socket level admin uid 80 gid 80 nbproc 1 chroot /tmp/haproxy_chroot daemon listen HAProxyLocalStats bind 127.0.0.1:2200 name localstats mode http stats enable stats refresh 10 stats admin if TRUE stats uri /haproxy/haproxy_stats.php?haproxystats=1 timeout client 5000 timeout connect 5000 timeout server 5000 frontend SharedFront bind 58.182.70.241:443 name 58.182.70.241:443  mode tcp log global timeout client 30000 tcp-request inspect-delay 5s acl ACL1 req.ssl_sni -i aaa.ddns.net acl ACL2 req.ssl_sni -i bbb.ddns.net tcp-request content accept if { req.ssl_hello_type 1 } use_backend aaa_https_ipvANY  if  ACL1 use_backend bbb_https_ipvANY  if  ACL2 backend aaa_https_ipvANY mode tcp log global timeout connect 30000 timeout server 30000 retries 3 option httpchk GET / server aaa 192.168.1.23:443 check-ssl check inter 1000  verify none backend bbb_https_ipvANY mode tcp log global timeout connect 30000 timeout server 30000 retries 3 option httpchk GET / server bbb 192.168.1.24:443 check-ssl check inter 1000  verify none Can someone help check if there will be potential issues?
  • PfSense Reverse Proxy - HAProxy or Squid?

    2
    0 Votes
    2 Posts
    2k Views
    D
    HAProxy, hands down.
  • Enable userlist Squidguard Pfsense 2.3.2

    1
    0 Votes
    1 Posts
    502 Views
    No one has replied
  • Block Website Through squid proxy

    2
    0 Votes
    2 Posts
    665 Views
    S
    You need a program to look into the traffic - one possible solution is ICAP server - see https://docs.diladele.com/tutorials/filtering_https_traffic_squid_pfsense/index.html
  • Squid + Authentication Method : NT Domain

    6
    0 Votes
    6 Posts
    3k Views
    D
    LDAP/RADIUS should work with 0.4.26. NT Domain auth is gone with 0.4.29.
  • Reverse Proxy - 403 Denied

    6
    0 Votes
    6 Posts
    4k Views
    ?
    ive updated packages to latest, reconfigured everything and jeeeh, now i get another error which i am not able to fix too: 1482081072.306      1 192.168.178.254 TAG_NONE/400 3795 NONE error:request-too-large - HIER_NONE/- text/html 1482081072.322    28 192.168.178.254 TCP_MISS/400 3858 GET http://blabla.myfritz.net:8080/ - HIER_DIRECT/192.168.178.253 text/html in browser i get squid error page: ERROR The requested URL could not be retrieved The following error was encountered while trying to retrieve the URL: error:request-too-large The request or reply is too large. ... config: http_port 192.168.178.253:8080 accel defaultsite=blabla.myfritz.net vhost cache_peer 10.10.55.10 parent 8080 0 proxy-only no-query no-digest originserver login=PASS name=rvp_pi_peer acl rvm_pi_uri url_regex -i ^http://blabla.myfritz.net:8080/.* cache_peer_access rvp_pi_peer allow rvm_pi_uri cache_peer_access rvp_pi_peer deny allsrc never_direct allow rvm_pi_uri http_access allow rvm_pi_uri its very frustrating  :o
  • RDS Gateway with Squid RP

    2
    0 Votes
    2 Posts
    656 Views
    F
    Up :)
  • Haproxy Backend clone bug

    2
    0 Votes
    2 Posts
    653 Views
    D
    Avoid the clone button. https://redmine.pfsense.org/issues/6756 https://redmine.pfsense.org/issues/6511
  • SquidGuard question

    1
    0 Votes
    1 Posts
    628 Views
    No one has replied
  • SquidGuard & Squid Https Filtering

    Locked
    5
    0 Votes
    5 Posts
    2k Views
    DerelictD
    Yeah I'll lock this. Thanks. If someone has a similar issue please post a new thread in Cache/Proxy.
Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.