Pfsense behind a proxy server is not connecting to the internet
-
Hi,
I have a Pfsense machine behind a proxy. The proxy server is connected to the internet.
All of the LAN clients are supposed to connect to the Internet through Pfsense.
How should I configure Pfsense in this scenario?I tried this configuration unsuccessfully:
System-->Advanced-->Miscellaneous-->Proxy URL: 192.168.55.100
System-->Advanced-->Miscellaneous-->Proxy Port:8080 (no username, no password)Thank you
-
That field configured pfSense itself to use the proxy for connections it creates itself, for updates for example.
https://docs.netgate.com/pfsense/en/latest/config/advanced-misc.html#proxy-supportIf clients are not set to use the proxy directly and the proxy is not redirecting that traffic itself you could add a port forward to redirect client web traffic to it in pfSense. That's what Squid does if you're running that in pfSense.
Steve
-
@stephenw10
Sir i am stuck please help me belowI am working in an organization already having proxy configured, and managed by other department
Now I install pfsense and set wan as dhcp and lan with static and enable dhcp I am able to ping my company network resouces from that dhcp (used win 10 as vm ) also set company's proxy in system-->advanced --> misc tab alongwith port.
I would like to pass traffic through pfsense I also installed squid package and set proxy address of my pfsense LAN interface alongwith 3128 port but unable to browse internet (err connection time out) but ping works fine
when I put company's proxy then internet works fine but i need to pass traffic through my pfsense
please help me I am new to pfsense need your kind support
thankyouWAN IP static 10.101.4.38 DNS 10.10.0.10 and 11---> LAN IP 192.168.1.100 (dhcp enabled) dns for client 10.101.4.1 and 8.8.8.8
-
If you are using Squid you need to set the upstream proxy in Squid directly in the Remote Cache settings.
-
@stephenw10
Sir I already set remote cache , screen shot is below attached
-
Do you see connections to it in the state table? (Diag > States)
-
@stephenw10
Sir connection from wan ip to my actual production proxy is established as stated below
complete states are below
-
So what is not working here? Does the upstream proxy show it failing?
-
@stephenw10
sir actually ping to upstream works fine but browsing is not err connectin timed out is showing if i give proxy to browser but it i pass traffic from prod proxy then internet works fine but i want to pass traffic through my pfsense,
Is there any network restriction may from production side ? actually wan ip 10.101.4.38 is of my lab and this network is fine for browsing this ip should be enough to communicate with the world.
any suggestions is highly appreciated sir -
Does it show blocked on the upstream proxy?
Is it authenticated? Do you have a username/password entered there?
-
@stephenw10
there is no username password
just ip and port no -
Probably need to check the logs then. Both in Squid and the upstream proxy.
-
Oh you might need this in the advanced options:
-
@stephenw10
superb sir you are awesome it works fine thankyou so much sir
