Yes i follow the instruction but still not working..yes im using squidguard

1.  Yes, with the help of squidguard. 2.  Yes, but make sure you run IIS in HTTP mode, not HTTPS.  WPAD directions for pfSense. 3.  Not that I am aware of. 4.  Never had this happen to me, but in squid's config options you need to check Disable VIA Header and set the X-Forwarded Header Mode to delete.  Without these changes, you are literally announcing to the world that you are proxied.

You seem to be using Firefox to test HTTPS filtering; please not FF does not use the system certificate storage as you indicated in your screenshot - you need to add trusted root certificate to FF own storage. See https://docs.diladele.com/administrator_guide_4_8/https_filtering/install_certificates/win_ff.html

same my issue for version 2.3.2 cannot get data 403 forbidden

hi try this DiagnosticsCommand PromptExecute Shell Command –> pkg update -f after install squid

You need clients certs for running squid in transparent mode.  When running in explicit mode, you only need to configure WPAD to allow most clients to auto-discover the proxy by themselves.

Sarg no longer exists so Lightsquid is your only built-in option.  You could also export your access.log and process it through any number of other log parsers.

@KOM: Are you sure this is what's happening?  Squid, when running on transparent mode, will intercept all TCP 80/443 traffic and that's it.  Inter-LAN traffic doesn't even hit the firewall unless it's travelling between different interfaces.  I've been running squid & lightsquid for literally years now, and I've never seen anything like what you describe.  What are you looking at that makes you assume squid is even involved here? My squid is not on transparent mode, I've run a group policy management to distribute proxies into the domain devices. Well if that has any effect on the monitor then it seems that we have a major problem. If not, well I guess C0RR0SIVE might be right, I need to re-check my network schema.

Thanks!

No specific advice other than to upgrade your pfSense to current, which has newer version of squid plus bugfixes and security patches.

Thanks for all your answers. I have a better understanding now and see your suggestions as the best solution.

Thanks for your reply, Ashime. As soon as I made the pfSense webgui available over http instead of https, the issue was gone… To me that's a pfSense error, but anyway, things work alright now.

rm -rf /usr/local/etc/c-icap rm -rf /usr/local/include/c_icap rm -rf /usr/local/share/c_icap rm -rf /usr/local/lib/c_icap rm -rf /usr/local/etc/c-icap rm -rf /var/log/squid rm -rf /var/squid/ rm -rf /usr/local/etc/squid

But btw, also tested a smaller subset, made no difference…

Sorry it took so long to get back to you on the upgrade yes it was I forget what ver I started with it upgraded like two or three times I cant remember right now but yes it was up grade. I have taking the system back to the beginning of when I first got it up and running and am just doing with out the squid for now I am looking for new system to build or buy to redo pfsense I will be using the new ver I downloaded and burned to disk. I hope that fixes the problem. I  will keep you all up to date with my progress on getting it to work with new system. Thanks for the help so far though I would still be wondering around in the dark if it wasn’t for you folks so thank you so very much.