Yes, if you've assigned the bridge and given that the interface address for the subnet then use that.
However you would normally have that assigned as the LAN in that case so maybe you haven't.

Steve

Same issue in thread https://forum.pfsense.org/index.php?topic=96984.0 .

Please have a look at it.

WOW…  :o

I don`t need to filter Access by Clients (Groups ACL or Common ACL), but by Target Categories (hosts, URLs). The blacklist redirection should be integrated in Target Categories or Blacklist tab some how, but it is not. So how to tell to blacklisted sites go to ext URL?

the wrong line inserted, problem solved, used this string to get Qualys grade A with https://forum.pfsense.org/index.php?topic=82914.15:

some.domain.tld options=NO_SSLv2,NO_SSLv3,CIPHER_SERVER_PREFERENCE cipher=ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:!ECDHE-RSA-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!AES256-GCM-SHA384:!AES128-GCM-SHA256:!AES256-SHA256:!AES128-SHA256:!AES256-SHA:!AES128-SHA:!DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4 dhparams=/usr/pbi/squid-amd64/local/etc/squid/dhparams.pem sslflags=NO_SESSION_REUSE

it's for squid 3 reverse proxy

You could try.. going to a website that should be blocked (IE: Pornhub) and see if it is blocked….

Hi, there seems to be an issue with this PFSense version and Squid3 making Squid3 unavailable in the package list.
There also is an issue with Squid3 when you upgrade from < 2.2.4 making that it doesn't start.
The resolution for that issue is discribed in another post.

You could install 2.2.3, install squid3 and then upgrade to 2.2.4 and follow a short fix that I described in this post https://208.123.73.68/index.php?topic=97211.0.

Hi, I had the same issue.
Logging in using SSH and executing:

/usr/pbi/squid-i386/bin/squid

Did the trick for me and fixed some issue; even after a reboot squid seems to work fine again.

After that i was able to execute the start and stop from the GUI too.
Or from the command line:

/usr/local/etc/rc.d/squid.sh start

Note: I have squid running on a port above 1024
Check the tunables under system -> advanced and set the minimum port value from 1024; (default) to 0 to disable this and run squid on i.e. port 80

Use explicit mode with WPAD instead.

https://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid

@KOM:

Please don't hijack an unrelated thread.  Post your problem in its own thread and I;ll be happy to help.

Thanks , I'm going to start new thread  :)

Regardless, your throughput is going to stink if you have a virus scanner in the mix.  You're better off running an acceptable AV package on your clients instead of loading the firewall with extraneous stuff that's guaranteed to slow the flow.

Hi,
It was on port 80 but I've changed it to 8080 yet it still doesn't work, it no longer gives the error but just sits there and times out trying to access remotely.

regards
Jamie

I'm starting to believe that disk caching is not very useful anymore due to low hit rates, and squid is only good now for URL filtering with squidguard.

Gdsnytech,

I'm currently on vacation, so I don't have access to my system at this moment, but I'll try and help as much as I can ( from memory). :-)

The first step is probably to make sure that the "squidtrustIII.exe" is working and reporting the system information correctly.
Use the squidtrustIII files from the sourceforge page. They are the most current.

http://sourceforge.net/projects/squidtrust/files/SquidtrustIII/

Run the exe file on the workstation, and you should see a small penguin pop up in the lower right system tray.

From a second workstation telnet to the workstation running the agent on port 2199.

You should then be able to press the number keys 1-7 (if I recall correctly), and the agent should return various system/user information, then disconnect.

Please verify that the agent is working as expected, and if not, please provide any information that may help in troubleshooting…ie: windows OS, any anti virus running? Can you connect to port 2199 or does the connection not work? .....etc.....