• Haproxy with OpenVPN

    12
    0 Votes
    12 Posts
    11k Views
    S

    It is hard to keep in mind all nuances in all threads :D
    I never had to use that guide, but as I can see - this exactly what you need, working OVPN as one of backends and X-Forwarded for web requests.

  • Squid bypass. What am I doing wrong ?

    2
    0 Votes
    2 Posts
    802 Views
    A

    You are using a domain name instead on an IP.

  • Squid Reverse Proxy and VIPs

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • Basic Squid configuration problem….

    1
    0 Votes
    1 Posts
    2k Views
    No one has replied
  • Pfsense vlans and transparent proxy

    3
    0 Votes
    3 Posts
    2k Views
    C

    as I remeber filtering was working. I had lan interface aitting in default vlan while other interfaces in different vlans an different subnet, requests from that subnets was filtered but not badwidth. bandwidth was my problem. squid was listening to lan interface in default vlan. forget to mention that on lan interface was tagged other vlans not to other physical interfaces.

  • CAN'T INSTALL ANY PACKAGES IN PFSENSE 2.3.1

    2
    0 Votes
    2 Posts
    803 Views
    E

    I have the same problem, the server have internet conection and the time its ok, but i can't install anything
    help pls.

  • [CONFUSED] Squid Proxy + Filter + Alias blocking?

    3
    0 Votes
    3 Posts
    1k Views
    V

    Yes, Facebook has multiple IPs and FQDN. If I use the Firewall Alias option I can just load up the Alias (facebook.com fb.com www.facebook.com www.fb.com). The alias blocks fine.

    I have not tried to keep cycling the service. I was taking for granted the 'Apply' under Squid Filter was refreshing the config and clearing the cache. Does any one know for sure?

  • Two squid and one balancer [ SOLUTION ]

    1
    0 Votes
    1 Posts
    478 Views
    No one has replied
  • [Help] pfsense2.3.1+squid+squidGuard, How do access https://abc.com:7001

    4
    0 Votes
    4 Posts
    1k Views
    A

    @KOM:

    You should probably post your question in the forum for your native language, if it exists, because your questions don't make much sense.  You would access those web resources using their URLs just as you have put them.  Squid isn't going to intercept anything on port 7001 without you adding an ACL to Squid's Custom ACLS section.  To intercept HTTPS on transparent proxy, you need to enable Man in the Middle SSL filtering and install pfSense certificate son every client.

    KOM, Thank you very much, you solved my problem!

  • Bug/Wrong description by squid settings

    2
    0 Votes
    2 Posts
    705 Views
    R

    Can someone confirm the problem or is it just me?

  • Squid dont care about Outbound NAT IP?

    3
    0 Votes
    3 Posts
    2k Views
    A

    Hi jimp,

    thanks for your reply. :)

    I tried to give Squid the Custom config
    tcp_outgoing_address 87.199.9.9
    in the field "Custom ACLS (After Auth)".
    But the IP did not change.. The "WAN Address" is still shown to the public.

    If i put that line in "Custom ACLS (Before Auth)" i am getting the squid error page while loading a website "The System answered [No Error]".
    I also get the error page when i put the line in the "Integrations" field.

    The IPs are configured as IP Alias.
    Any more hints? :)

    Greets

  • Squid stops everytime the configs are saved

    5
    0 Votes
    5 Posts
    1k Views
    R

    @ajnozari:

    when you save Squid stops then re-starts to reload the configuration.

    Why is pfsense not using the reload function/option instead of a restart? Atm you can't make any changes in a live environment. I have to wait until everyone has finished work to make any changes.

  • Squid still accepts sha1 certificates

    1
    0 Votes
    1 Posts
    514 Views
    No one has replied
  • Add webGUI cert to squid trusted CA

    3
    0 Votes
    3 Posts
    897 Views
    R

    Thanks

    "Bypass Proxy for Private Address Destination" did the job

  • Loss HIT cache in captive portal

    1
    0 Votes
    1 Posts
    532 Views
    No one has replied
  • HAproxy management not working

    3
    0 Votes
    3 Posts
    841 Views
    P

    The https://hostname/HAproxy_listeners.php never existed on 2.3.x versions.. (or at least it wasnt supposed to..) All the php package files for haproxy package where moved to a subfolder https://hostname/haproxy/HAproxy_listeners.php ..

    It might have been that some old 2.2.x files remained or that old menu references where still present in the config file..

    Anyway good that a reinstall of package fixed it..  :D

  • Need help with Squid in Explicit mode for SSL Filtering

    13
    0 Votes
    13 Posts
    4k Views
    N

    Hi,

    getting the cert error that a cert is issued to "http" seems for me to be related to a squidguard target category or a blacklist which contains "unallowed" characters.
    I have no problems with the "shallalist.de" blacklist. So I would suggest to determine which Target Categorie is leading to this problem to disable them all, click first "Save" and the "Apply" und squidguard General page and try again. If it is working then try to add target categories one after another with the same steps as long as it stops working.

    Then if you have identified the target category causing the problem, then try to find the problematic characters or symbols and the with this information open a bug report on reminde.pfsense.org.
    I did not found the causing characters until now.

    Regards.

  • Squid cache on second disk

    1
    0 Votes
    1 Posts
    595 Views
    No one has replied
  • Squid doesn't allow http access to internally hosted site

    2
    0 Votes
    2 Posts
    528 Views
    U

    Here is some more information to try and clarify the issue.

    Here is the following screen that is received when trying to navigate to the website hosted inside the network (behind pfsense/squid) when squid is turned on.

    As from my previous post, the example url that I gave was http://git.gitserver.com. As from the image above, the URL has now turned into https://git.gitserver.com for no apparent reason.

    Is there something that I'm missing because this site is hosted behind pfsense and squid? Why would squid automatically redirect the site to https if the site was never configured to accept https connections?

    Thanks,
    Uh_Hey

  • Missing Squid in 2.3.1 or plz alternate ?

    2
    0 Votes
    2 Posts
    837 Views
    H

    squid is/should be in the 'available packages' list on 2.3.1

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.