HAproxy will do that.

To match AD tree, there shouldn't be OU=Info,DC=Info-Tools,DC=lan ?

@jimp said in Bypass squid proxy to some IP: For that, you will need WPAD or a similar client-based proxy configuration telling it what to use and ignore. Squid can't control that in non-transparent mode, it's 100% up to the client. Gonna look into that. Thanks

@dragoangel said in Enforce HTTPS on non standard HTTP port: @chpalmer I not like to be rude, Then don't be. Theres no sense in that. Its just a conversation and a way to learn. No reason to get heated. Yep- I was not wearing my glasses and missed that he is trying to use the same port. You said "impossible" and I agree.

@wesleylc1 do u run SquidGuard?

@Schischi exist a third party called PF2AD, I create a video tutorial but is Spanish: Pf2AD But u need 2 Pfsense boxes, https://www.pf2ad.com/ Greetings.

Please help?

Looks like the change is coming... https://obsigna.com/articles/1563917142.html ssl_crtd was rename to security_file_certgen now squid.inc need fix :-o

@pintu1228 no special. Use corect ACL, action and create backend. What you mean special? This even not websocket. Acme will newer overwrite another cert with same Common Name. You need remove previous incorrect certificate from certificate manager and after it run get cert again.

@mcury you are right its happening due to transparent proxy. Yes I m using transparent proxy and when I disable the transparent proxy my country blocking works but at the same time domain blocking dont work for me. Now what next please tell me where and what rule should i put to make it work. and I thnk so that client using DNS resolver as DNS server coz I configured the google/youtube/bing safe search which are configured with the help of DNS resolver and on my client browser the google safesearch is working that's means client is using DNS resolver.

@remzej said in Intermittent ERR_SSL_PROTOCOL_ERROR: I've been having the same problem ever since but I managed to make it work perfectly. Just be sure to set 127.0.0.1 as the first DNS server by unchecking the Disable DNS Forwarder in General Setup. That was the way I solved the same issue