Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid NAT Rule

    Scheduled Pinned Locked Moved
    pfSense Packages
    2
    5
    3.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      techatdd
      last edited by

      I think this subjekt is here more "on topic", so I post it again…

      I want to redirect all http port 80 traffic to a second pfsense box with a second pppoe connection.

      The squid works fine, Tranparent Mode and the also a manual Nat rule. But when I configure it on the first pfsense box, wich is the default gateway in my lan, to forward every port 80 traffic (with the same NAT rule working on a single pfsense) to the squid pfsense box with an other PPPOE connection to the internet it does not work. Something wrong in my plan?

      1 Reply Last reply Reply Quote 0
      • T
        techatdd
        last edited by

        Nobody can help me?
        Please post at least that it was sensless what I did  ;)

        1 Reply Last reply Reply Quote 0
        • H
          hoba
          last edited by

          It's not senseless. Can you post some more details like what rules you created to capture the traffic and redirect it, more details how things are connected and so on?

          1 Reply Last reply Reply Quote 0
          • T
            techatdd
            last edited by

            Thank you. After your reply I tested again. I read docs and everything should work, but it does not.

            My default Gateway is a pfsense at 192.168.1.2 with a PPPOE connection and I have a second pfsense with an other pppoe connection and a working squid at 192.168.1.4.
            the Firewall rules are lazy for testing.
            When I change my default gateway to 192.168.1.4 the squid works fine in transparent mode with a nat rule:
            LAN  TCP  80  192.168.1.4 (ext.: any)  3128

            But when i change my gatewy to 192.168.1.2 and add the same nat rule: 
            LAN  TCP  80  192.168.1.4 (ext.: any)  3128
            to this box, I simply get no HTTP answers.

            I checked it with the log of a local proxy (Proximitron):

            *** Log Reset ***

            +++GET 18959+++
            GET / HTTP/1.1
            Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/x-shockwave-flash, application/msword, application/vnd.ms-excel, application/vnd.ms-powerpoint, /
            Accept-Language: de
            Accept-Encoding: gzip, deflate
            User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.1.4322)
            Host: www.google.de
            Cookie: PREF=ID=0123456789abcdef:LD=de:TM=1092136657:LM=1095448847:S=d9XRmQ0kEuilLFA2; GPC=FW=2:GHV=0:SIG=AFoGOkC9LZ4eWbjs:TS=0:TV=1; POPUPCHECK=1106597842718; msa_resolution=1280x960x32; fcP=C=0&T=1101085863703&V=1101085873656; GTZ=-120
            Connection: keep-alive
            ** 18959 Socket

            Any suggestions?

            1 Reply Last reply Reply Quote 0
            • T
              techatdd
              last edited by

              Any hints, hoba?

              1 Reply Last reply Reply Quote 0
              • First post
                Last post