Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Problem with configuring the Netgate 1100

    General pfSense Questions
    4
    18
    973
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • F
      Firewalldude89
      last edited by

      Hi, I wonder why I dont see the Squid certificate in the padlock icon by clicking on it on websites in web browser. If you dont see it, then it can mean it doesnt work.

      1 Reply Last reply Reply Quote 0
      • stephenw10S
        stephenw10 Netgate Administrator
        last edited by

        You would only see that if you implemented a 'full bump' MITM style Squid install where it's intercepting all traffic.

        F 1 Reply Last reply Reply Quote 0
        • F
          Firewalldude89 @stephenw10
          last edited by

          @stephenw10 you mean "splice whitelist, bump otherwise"?

          I also wonder why I dont see the IPv4 address from my netgate router in system settings on computer.

          F 1 Reply Last reply Reply Quote 0
          • F
            Firewalldude89 @Firewalldude89
            last edited by

            @netgate1100guy I can see IPv4 adress now, fixed it. Still wonder about the padlock icon and Squid in webbrowser.

            F 1 Reply Last reply Reply Quote 0
            • F
              Firewalldude89 @Firewalldude89
              last edited by

              @netgate1100guy And wonder how to fix "ICAP protocol error" when I try to visit websites

              1 Reply Last reply Reply Quote 0
              • stephenw10S
                stephenw10 Netgate Administrator
                last edited by

                You should see the Netgate LAN IP as the gateway on a client behind it. Assuming you're using DHCP.

                F 1 Reply Last reply Reply Quote 0
                • F
                  Firewalldude89 @stephenw10
                  last edited by

                  @stephenw10 Now I get the error message "ERR_CONNECTION_TIMED_OUT" when try to view the default admin site with 192.168.1.1 IP adress, how do I fix this?

                  Am running Squid with MITM mode..

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S
                    stephenw10 Netgate Administrator
                    last edited by

                    Undo whatever you last did?

                    If you have console access you can roll back the config there.

                    I would disable Squid though.

                    F 1 Reply Last reply Reply Quote 0
                    • F
                      Firewalldude89 @stephenw10
                      last edited by

                      @stephenw10 Hi thanks, got Squid enabled but have it on just "splice all" with HTTP proxy active, works much better. I wonder about something:

                      If a hacker somehow blocks downloads from the internet (happens often) and there is a hacker (numerous unknown IP addresses), does that mean the hacker is inside my local network?
                      Can a hacker block and interfere with downloads by hitting the internet modem/central or maybe even WAN port on Netgate 1100, but without getting inside and into my computer?

                      stephenw10S 1 Reply Last reply Reply Quote 0
                      • stephenw10S
                        stephenw10 Netgate Administrator @Firewalldude89
                        last edited by

                        @netgate1100guy said in Problem with configuring the Netgate 1100:

                        If a hacker somehow blocks downloads from the internet (happens often) and there is a hacker (numerous unknown IP addresses)

                        What exactly are you seeing that makes you think this is happening?

                        It's far more likely to be a compromise on your local client if it really is malicious activity.

                        However simply being unable to download is probably a config issue.

                        Either way Squid won't help you at all here. And on an 1100 could well be causing more problems.

                        Steve

                        1 Reply Last reply Reply Quote 0
                        • S SteveITS referenced this topic on
                        • S SteveITS referenced this topic on
                        • First post
                          Last post