Netgate Discussion Forum

Redirect to squid almost working, but stuck when add the rules to pfsense

NAT
2 Posts 2 Posters 5.2k Views
  • H
    hampeh
    last edited by Sep 17, 2008, 8:11 AM

    Hi all.

    I am using pfSense 1.2; the Squid box is running on the DMZ using CentOS 4.6, and I am having a problem configuring it to work as a transparent proxy.

    My setup is

    Lan: 192.168.0.0/24
    DMZ: 192.168.5.0/24
    Squid: 192.168.5.2

    When I manually enter the proxy server address into the browser, I can surf without any problems. But once I add the rules for pfSense to redirect all my LAN clients to use Squid, it gives this error:

    
    1221638274.348      0 192.168.5.1 TCP_DENIED/403 1386 GET http://xxx.xxx.com/favicon.ico - NONE/- text/html
    1221638274.350     15 192.168.0.254 TCP_MISS/403 1420 GET http://xxx.xxx..com/favicon.ico - DIRECT/202.129.165.234 text/html
    1221638275.276      0 192.168.5.1 TCP_DENIED/403 1404 GET http://login.yahoo.com/config/cookie_token - NONE/- text/html
    1221638275.277   6101 192.168.0.248 TCP_MISS/403 1438 GET http://login.yahoo.com/config/cookie_token - DIRECT/209.191.92.114 text/html
    1221638276.075      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx.com/ - NONE/- text/html
    1221638276.799      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx..com/ - NONE/- text/html
    
    

    What I did was create a NAT rule.

    Create a port forward, interface LAN
    external address any
    protocol tcp
    external port 80
    nat IP 192.168.5.2
    internal port 3128.

    Any help? I have been struggling with this problem for quite some time now.

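An added example, not part of the original post: it groups the access.log lines quoted above by client subnet and Squid result code, and pairs each TCP_DENIED entry with the DIRECT TCP_MISS of the same status logged within 10 ms after it. The function names and the 10 ms window are choices made for this example; the subnets and log lines are the ones given in the post.

```python
import ipaddress
from collections import Counter
# Subnets as given in the post; the log lines are copied from the post.
ZONES = {"LAN": ipaddress.ip_network("192.168.0.0/24"),
         "DMZ": ipaddress.ip_network("192.168.5.0/24")}
SAMPLE_LOG = """\
1221638274.348      0 192.168.5.1 TCP_DENIED/403 1386 GET http://xxx.xxx.com/favicon.ico - NONE/- text/html
1221638274.350     15 192.168.0.254 TCP_MISS/403 1420 GET http://xxx.xxx..com/favicon.ico - DIRECT/202.129.165.234 text/html
1221638275.276      0 192.168.5.1 TCP_DENIED/403 1404 GET http://login.yahoo.com/config/cookie_token - NONE/- text/html
1221638275.277   6101 192.168.0.248 TCP_MISS/403 1438 GET http://login.yahoo.com/config/cookie_token - DIRECT/209.191.92.114 text/html
1221638276.075      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx.com/ - NONE/- text/html
1221638276.799      0 192.168.0.254 TCP_NEGATIVE_HIT/403 1405 GET http://xxx.xxx..com/ - NONE/- text/html
"""

def zone(addr):
    """Name the subnet a client address belongs to ('other' if neither)."""
    ip = ipaddress.ip_address(addr)
    return next((name for name, net in ZONES.items() if ip in net), "other")

def parse(text):
    """Parse Squid native access.log lines, skipping lines that lack the expected fields."""
    records = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 10 or "/" not in f[3] or "/" not in f[8]:
            continue
        code, status = f[3].split("/", 1)   # e.g. TCP_DENIED/403
        hier, peer = f[8].split("/", 1)     # e.g. DIRECT/202.129.165.234
        records.append({"ts": float(f[0]), "client": f[2], "zone": zone(f[2]),
                        "code": code, "status": int(status),
                        "hier": hier, "peer": peer})
    return records

def summarize(records):
    """Count entries per (client zone, Squid result code, HTTP status)."""
    return Counter((r["zone"], r["code"], r["status"]) for r in records)

def paired_403s(records, window=0.01):
    """Pair each TCP_DENIED with a DIRECT TCP_MISS of the same status logged
    within `window` seconds after it (URLs are redacted, so not compared)."""
    denied = [r for r in records if r["code"] == "TCP_DENIED"]
    return [(d["client"], m["client"], m["peer"]) for d in denied for m in records
            if m["code"] == "TCP_MISS" and m["hier"] == "DIRECT"
            and m["status"] == d["status"] and 0 <= m["ts"] - d["ts"] <= window]

if __name__ == "__main__":
    recs = parse(SAMPLE_LOG)
    print(sorted(summarize(recs).items()))
    print(paired_403s(recs))
```

On the quoted lines, both TCP_DENIED entries come from a DMZ-side client address (192.168.5.1), and each is followed within milliseconds by a LAN client's TCP_MISS/403 fetched DIRECT.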
    • E
      eethore
      last edited by Nov 5, 2008, 5:34 AM

      I'm having the same problem.
      When I entered the proxy manually (3128), it could be done.
      But when I use the NAT redirect rules for the LAN interface from 80 to 3128, the web seems to be unresolved.

      Hiks… can anyone help me?
