Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxy Support ?

    Scheduled Pinned Locked Moved General pfSense Questions
    9 Posts 2 Posters 907 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N Offline
      netfly
      last edited by

      Hello Guys, Could someone tell me how this works? I can't find any information on google about it.

      e92e1002-19a9-4ea1-b1fe-097127063b0a-image.png

      I also take the opportunity to report this problem, it does not allow me to place my domain to synchronize.

      d62c4867-62f2-4cb9-bd99-d59a71c5c455-image.png

      Thank you!!

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        If you have an upstream proxy that pfSense needs to use to get external access you enter it there.
        https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#proxy-support

        In an HA setup you have to use a fixed IP to synchronise to. It cannot be an FQDN.

        Steve

        N 1 Reply Last reply Reply Quote 0
        • N Offline
          netfly @stephenw10
          last edited by

          @stephenw10 said in Proxy Support ?:

          In an HA setup you have to use a fixed IP to synchronise to. It cannot be an FQDN.

          But I don't have a fixed IP, I use DynDns

          And regarding the proxy, I'll explain, I'm trying to send the traffic of one of my pfsense lans to a tor proxy (but I still can't find a way to do it, any suggestions)?

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            To use an HA pair you must have at least one static IP, the CARP IP can only be static. To set it up correctly you should have 3 static IPs so usually a /29.
            The sync IP though is the internal IP used to sync between the nodes so that's usually a dedicated interface but can also be using a VLAN or an internal interface directly. Those will all be static IPs though.

            That proxy setting is nothing to do with Tor. There is no support for Tor included in pfSense, to get that working would require a custom setup. There are some guides for doing that I believe though I have never tried it personally.

            Steve

            N 1 Reply Last reply Reply Quote 0
            • N Offline
              netfly @stephenw10
              last edited by

              @stephenw10 said in Proxy Support ?:

              To use an HA pair you must have at least one static IP, the CARP IP can only be static. To set it up correctly you should have 3 static IPs so usually a /29.
              The sync IP though is the internal IP used to sync between the nodes so that's usually a dedicated interface but can also be using a VLAN or an internal interface directly. Those will all be static IPs though.
              That proxy setting is nothing to do with Tor. There is no support for Tor included in pfSense, to get that working would require a custom setup. There are some guides for doing that I believe though I have never tried it personally.
              Steve

              thanks for getting me out of doubt with HA setup.

              Talk about tor for an example, but I mean any proxy, what I need is that my lan navigates with another ip address

              That's why I thought to use a proxy in pfsense so that pfsense sends all my lan traffic to that proxy but I have no idea where to start. Help me?

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                That proxy setting is for traffic from pfSense itself, to check for updates etc, so not what you want here.

                The easiest way to obscure your source IP is to use a VPN and route the traffic you need across it.

                Steve

                N 1 Reply Last reply Reply Quote 0
                • N Offline
                  netfly @stephenw10
                  last edited by

                  @stephenw10 said in Proxy Support ?:

                  That proxy setting is for traffic from pfSense itself, to check for updates etc, so not what you want here.
                  The easiest way to obscure your source IP is to use a VPN and route the traffic you need across it.
                  Steve

                  when it says to use a vpn (you mean connect pfsense to a vpn) and then use nat to get traffic from xx ip to the vpn ip?

                  or do you mean to connect my client within the lan network to a vpn?

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    I mean connect pfSense to the VPN and then use policy routing to send whatever traffic you need across it. That could be all traffic from a particular internal interface.

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • N Offline
                      netfly
                      last edited by

                      @stephenw10 said in Proxy Support ?:

                      I mean connect pfSense to the VPN and then use policy routing to send whatever traffic you need across it. That could be all traffic from a particular internal interface.

                      Thanks for the help, I already have it!

                      1 Reply Last reply Reply Quote 1
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.