@thiagocarlossilverio said in Integration between captive portal and squid. Usernames are not showing in access.log file:

Você conseguiu solucionar seu problema?
Estou com o mesmo problema:

not yet.

Just updated my squid + squidguard packages and it worked again. Able to login and access the internet using squid + captive portal authentication.

Dear Kiookoman, The problem got solved when all history including cookies were cleared. Thank you for your help again. regards Kiran

@mhmz

does it make any sense sitting on proxy server with deactivated aes-ni ?

Did you do it manually does it work? And if yes you modified config file or done it from UI ?
Thanks.

Did any one found a solution for this, I am using OBS and squid proxy, I am unable to do live streaming over OBS, kept 1935 as safe ports in squid config, still no use, need help

@PiBa

As this is a production system, let me stand up a test device and will execute your instructions there. If that goes well then I will execute on the production system to make sure it works for us.

I realized I forgot to say what is the goal of this !
The goal is to log usernames is they are connected to the domain, and just let pass those who are not. But "http_access allow all" seems to ignored...

@skilledinept here is good article: https://cbonte.github.io/haproxy-dconv/

i don't think you can see it anymore.

haproxy / backend / advanced configuration

Transparent ClientIP

but read the warning

@dragoangel Yes, it is already resolved, it is now possible to redirect successfully to my web application, and already using https, as shown in the image below.

Captura de tela de 2020-10-27 14-54-55.png

I take this opportunity to thank you and everyone who somehow interacted for a solution to my problem, grateful for all the support and patience in the instructions.

@S_m do you tried http/2? In theory it not help on one big file but still. Also you can try something like loader.io

Correct answer: stop use tcp mode for http backend. This stupid tbh! You lose all benefits of haproxy you can have.

Haproxy also can have letsencrypt (acme). More over it more good way to handle ssl on haproxy frontend then on iis where you simply at black hole with tls setup which apply only after reboot, not correctly working http/2 and much more stuff about what benefits haproxy have with http and miss with tcp... If you want have full encryption this also not an issue: you create own CA at pfsense and issue own certificate from this CA for 10years and put them on iis. Haproxy connect to iis over https and also validate that ssl is not faked. For frontend you use same lets encrypt...

Jti I also never had such bug while I had many pfsense with haproxy in various setups