New HOWTO: pfSense Squid Web Proxy with multi-WAN links (it works!)
-
@ermal: i've found that when binding squid to localhost only causes traffic from lan not to go through the proxy … should any other redirect rules be implement when running it your way ?
@zzajdica: the floating rules are there to push http traffic to the correct gateway ... check if your floating rules correspond with the ones in this how-to and let us know if that helped
-
Hi!
Thanks for the docs! I'm having some issues also.
1. Following the guides you made, it's working! really! but after few seconds the squid is starting to fail then all connection are totally blocked by squid.
- maybe it's on squid
2. In this mode, while the tier 1 is down. The pfsense itself doesn't have internet connection (im not sure how to say it)
- can't ping any host or even check for updates.
- **but as long as all workstations does have connection and forwarders are working i think i can live with this.I really appreciate what you made!!
I'm Hoping you can help us!!Thank yoU!!!
-
Hi!!
After following those guides, it does gives me interest to study pfsense deeply.
I'm running pfsense 2.0 RC2 (updated) squid + wan failover that for me is working. Just did it TODAY.
I did not set or use any rules (as in no rules are being used.)
I still need to monitor this over the weekend. I'd be happy to share it with you guys if this one works with my needs.
Like port forwarders and carp/pfsync.THank you for giving me encouragement!!
-
My floating rule is set. I also tried upgrading to the newest snapshot but it did not help. Please see attached for my settings. Thanks!
-
Edit the floating rule so that the interfaces and direction are also visible in the screenshots. That's the most important info there aside from what you've shown.
-
-
Check "quick" on that rule.
-
Tried that didn't work
-
duplicate the floating rule you made for http traffic, then modify it for dns (proto tcp/udp / port dns=53)
-
All ways not work.
we need standard way work with all , not for one.
very bad. -
Thanks Heper but that also did not work. I'm going to be deploying this later on with a different network (Right now I am just testing) with DNS servers on the LAN so maybe I'll have better luck in that environment. I'll post back as soon as this happens.
Many thanks.
-
Hi you guys, any one have the document ? i cant get it from the url posted.
thanks in advanced.
Regards
-
Hi you guys, any one have the document ? i cant get it from the url posted.
thanks in advanced.
Regards
Solved, the link was down till now.
Thanks
-
Still couldn't get it to work.. failover works great if I don't have Squid running.
-
We need LoadBalancing and FailOVER! squid guys working faster please!
-
@DimitriS
Did you tested this setup in case of loadbalancing?
After my test it perfectly works in case of failover, but not when I set up loadbalancing between two gateways..
I tried to bind squid to loopback and LAN and only loopback, and works well only when gateways sets in failover.Michael
-
I agree with mbedyn, failover works but not loadbalancing.
-
Saw the same thing here. Fail-over yes, load balancing no.
-
same here no loadbalance only failover. Also the redirect error page in squidguard doesn't point to the redirect page.
2.0-RC3 (i386)
built on Wed Jun 22 12:38:11 EDT 2011installed packages: squid, squidguard, bandwidth and vnstati
squid in transparent mode, 2 ISP (dynamic and static WANS)
floating rule set as this:
@zzajdica: -
I tried to follow the HOWTO but it seems I encountered problems:
2.0-RC3 (i386)
built on Fri Jul 1 00:16:18 EDT 2011
