@KOM thank you!

@akuma1x @stephenw10 only change the range of the ips ! :o thanks !

I don't know. I don't use pfB.

@KOM It was set to "uk" so I changed to "en", saved and restarted service which has fixed the issue. TA

@KOM thanks

There must be something in one of the logs: Status - System Logs - System - General Services - Squid Proxy Server - Realtime Try increasing the squid debug log level by adding this to the Advanced Options - INtegrations section for squid: debug_options ALL,5 Increase the value after ALL, to get more and more detailed logging. http://www.squid-cache.org/Doc/config/debug_options/ http://etutorials.org/Server+Administration/Squid.+The+definitive+guide/Chapter+16.+Debugging+and+Troubleshooting/16.2+Debugging+via+cache.log/

TLS 1.3 will require OpenSSL 1.1.x, which is only currently available on pfSense 2.5.0 development snapshots. Though it does look like net/haproxy-devel is at 2.0-dev2 on the branch used for pfSense 2.5.0 development, but the pfSense haproxy-devel package doesn't use it (yet). I'm not aware of any plans to switch that over yet, but it's probably just a matter of time.

@sichent This link shows what to do in CentOS or Ubuntu and clearly states (on discussion) that it is not for pfSense.

Yay !!! Got this working. Have to add rule to both interface to allow proxy port. Users will log in using CP credentials then access go through squidGuard

Thanks! I ended up doing two things. Completely deleting all the items from the list, killall of filterdns, and reloading the list - which appeared to properly resolve all the FQDNs in the proper alias table. Created a separate list of IPs to bypass as well. Both seem to be working better now.

@veldthui Haproxy does not 'understand' FTP protocol.. But you might be able to do something with 'FTPS' where the ftp connection is wrapped inside SSL, and haproxy might be able to use a SNI header if the ftp client sets that... Really guessing/hoping there bigtime though.. If thats not gonna fly then i don't think haproxy will be able to help you out here. For sure its not intended for this that is for sure. Good the http/https part works nicely now :).

Hello That's right! I've switched to TCP, but I still have not made it work. I have finally passed these ports to a NAT / PAT, and only Proxy Reverse is being made to the http and https protocols.

@Rarog I have the same problem my friend!! so how did u solve it?? where did u chage the port setting to 3268 ?? and about the AD password I use "pa$$w0rd' so you suggest me to change it?

@Draco32 The 0.59_17.txz indeed is not available, the 0.59_19.txz is though.. maybe the repository got updated in between of your retrieval of the metadata and actually trying install the package or something. Anyhow good the issue is resolved already.

Hi! Works and now its even faster :) Thanks!

@jimp said in Squid 4.x: We now plan to include Squid 4.x in the 2.5 release based on FreeBSD 12. We have not yet begun the work on this, but will soon. Very looking forward to it!