@persia1364 Yes I believe that you can install Squidguard, configure the LDAP integration and then filter based on usernames but this is not simple and I have not tried it myself.

@cobca I do not know if you are running Squidguard, if so also make sure you have a loopback dummy ACL that lets the firewall and the proxy work. If you do not have this it will fail to reach wpad and will not work correctly as Squidguard will block the redirects. [image: 1670693775198-screenshot-2022-12-10-at-9.35.14-am-resized.png] (Image: My dummy acl) I have mine set up to allow the loopback and the firewalls ip address to talk to one another and also let the wpad work. [image: 1670693895852-screenshot-2022-12-10-at-9.37.56-am-resized.png] (Image: Group acl with loopback and firewall Ip) [image: 1670693938072-screenshot-2022-12-10-at-9.38.33-am-resized.png] (Image: location of group acl that attaches to the dummy acl rules)

@mnoya2 Try this: https://github.com/ahuacate/pfsense-haproxy/blob/master/README.md https://docs.deeztek.com/books/pfsense/page/pfsense-haproxy-softether-vpn https://cbonte.github.io/haproxy-dconv/2.2/configuration.html

@jonathanlee Palo Alto does the same thing with certificates and intercepts on their firewalls. Just set it up ethically and it will work. [image: 1670172011664-virus.png] (HTTPS cloud based virus stopped with use of MITM)

@jonathanlee I wish you could pick what certificate to ignore with this.

@jonathanlee The antivirus is working however it no longer uses the red screen also. What could cause this? [image: 1670088323111-screenshot-2022-12-03-at-9.18.10-am-resized.png] New version of found virus screen [image: 1670088346322-screenshot-2022-12-03-at-9.17.57-am-resized.png] Virus table empty will no longer log files, cleared also to resolve same result no updates are placed into the log file for what virus is found [image: 1670088402393-screenshot-2022-12-03-at-9.17.53-am-resized.png] Image shows that viruses are caught in https still Eciar test found however it is not logging anything and the red splash screen is gone

@gertjan Error squidclamav_check_preview_handler: Wed Nov 30 15:56:36 2022, 92197/1098002432, ERROR clientip is null, you must set 'icap_send_client_ip on' into squid.conf [image: 1669852992693-screenshot-2022-11-30-at-4.02.08-pm.png] It goes on and on... I have also just added adaptation_send_client_ip {$icap_send_client_ip} to line 234 of [image: 1669853016667-screenshot-2022-11-30-at-3.32.23-pm-resized.png] ref https://forum.netgate.com/topic/129331/adaptation_send_client_ip-vs-icap_send_client_ip?_=1669853066007 It seems to already be enabled also, any ideas? [image: 1669853231717-screenshot-2022-11-30-at-4.06.21-pm.png] Keep in mind it all worked until a week or so ago, not it will not even see the test virus anymore

@tyoungls adaptation_send_client_ip {$icap_send_client_ip} are you sure it is not line 234? [image: 1669851180192-screenshot-2022-11-30-at-3.32.23-pm-resized.png]

@bmeeks Thanks for the reply! Understood!

@cesd I answer because noone did till now. To create shared frontend, just create your 1st, then on 2nd, it will show you the warning msg and the second website will not work error 50x. a tthis point go to the first frontend, edit it and select, shared frontend, on dropdown menù, choose the 2nd frontend. thats'it