Load Balancing + Failover with Squid - Not working PLS HELP…....

jikjik101

can you try this one? this is just my setup which works for me.

1. In your floating rule,

WAN1 address * * * Wan1BalanceWan2 none

2. Disable the 127.0.0.1 in your LAN rule

3. In your NAT,
WAN1 any * * * * * NO
WAN2 any * * * * * NO

4. In your proxy server, select LAN interface only. Try to remove your alternate DNS server.

5. In the custom options,
tcp_outgoing_address 127.0.0.1;redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3

abcvidu

I have tried as per wht u have instructed me. But still not workingg ??? ??? ???

Please help

jikjik101

1. Update to the latest snapshot

2. Create a gateway group (example: LoadBalance) with your WAN and Opt1 in same tier.

3. In your LAN firewall rule, below the Anti-Lockout rule, make another rule like this: * * * * * LoadBalance none
Interface: LAN
Protocol: Any
Source: Any
Destination: Any
Gateway: LoadBalance

4. In the floating rule, select the following:
Interface: WAN AND Opt1 - you can control+click the interfaces to select more than one
Direction: Out
Protocol: Any
Source: Any
Destination: Any

- - - - LoadBalance none

5. Under NAT>Outbound
Select Manual Outbound NAT rule generation
Protocol: Any
Source: Any
Destination: Any
Translation: Interface Address

Interface Source Source Port Destination Destination Port NAT Address NAT Port Static Port Description
WAN any * * * * * NO
Opt1 any * * * * * NO

6. In the Proxy Server:
General:
Custom Options: tcp_outgoing_address 127.0.0.1;redirect_program /usr/local/bin/squidGuard -c /usr/local/etc/squidGuard/squidGuard.conf;redirector_bypass on;redirect_children 3

Access Control:
External Cache-Managers: <Your LAN IP Address>

abcvidu

Hi,

My version is 2.0-RC3 (i386)
built on Tue Jun 21 16:50:25 EDT 2011

is there any latest update than this? I've clicked on the available update at dashboard. But it displayed "Unable to get updates". How can I get the latest snapshot? Please past the link on your answer.

I did every thing as what you have said to me but unfortunately my internet is still not working. Is there any thing to do with my client pc setting (Ex: Default GW or DNS setting). I think i don't want to change any thing on the client side. Just entering the 192.168.0.110 as proxy ip and 3128 as a port.

But I have notice I cannot clear my state table. When I click Clear the state at Diagnostics -> state -> Reset State. It seems PC is hung. but after the several minits I clicked refresh, then it goes. But my state tables are not cleared. is it a problem? how can i clear it?

I've attached every thing here for kind reference.

Please check and let me know the problem.

Thank you very much

Best Regards

Nuwan

![GW Group.PNG](/public/imported_attachments/1/GW Group.PNG)
![GW Group.PNG_thumb](/public/imported_attachments/1/GW Group.PNG_thumb)

Floating.PNG_thumb
![LAN Rule.PNG](/public/imported_attachments/1/LAN Rule.PNG)
![LAN Rule.PNG_thumb](/public/imported_attachments/1/LAN Rule.PNG_thumb)

NAT.PNG_thumb

Proxy1.PNG_thumb

Proxy2.PNG_thumb

Proxy3.PNG_thumb
![Access Control.PNG](/public/imported_attachments/1/Access Control.PNG)
![Access Control.PNG_thumb](/public/imported_attachments/1/Access Control.PNG_thumb)
![Browser Settings.PNG](/public/imported_attachments/1/Browser Settings.PNG)
![Browser Settings.PNG_thumb](/public/imported_attachments/1/Browser Settings.PNG_thumb)

Metu69salemi

To fix your update problem

jikjik101

In your browsing settings, select no proxy…

I don't know why your settings doesn't work, I am just a newbie also. I just want to share my setup which works and hopefully thinking that it will work with yours.
Sorry if it didn't help.

Maybe the more experienced members here can help.

abcvidu

Hi Everybody,

Thanks to Heper and jikjik101 finally I could get internet through squid proxy server with Load Balancing and Fail over. I will explain to you each and every steps with my screen shots. ;) ;)

1. You should update your Version up to the latest version

2.0-RC3 (i386)
built on Fri Aug 12 16:23:11 EDT 2011

Then …...

GW.PNG_thumb
![GW Group.PNG](/public/imported_attachments/1/GW Group.PNG)
![GW Group.PNG_thumb](/public/imported_attachments/1/GW Group.PNG_thumb)

NAT.PNG_thumb

Floating.PNG_thumb
![LAN Rule.PNG](/public/imported_attachments/1/LAN Rule.PNG)
![LAN Rule.PNG_thumb](/public/imported_attachments/1/LAN Rule.PNG_thumb)

Proxy1.PNG_thumb

Proxy2.PNG_thumb

Proxy3.PNG_thumb

Proxy4.PNG_thumb
![Browser Settings.PNG](/public/imported_attachments/1/Browser Settings.PNG)
![Browser Settings.PNG_thumb](/public/imported_attachments/1/Browser Settings.PNG_thumb)

Metu69salemi

Question, why you need to assign proxy for the browsers if it is already transparent?

abcvidu

I need to keep default GW of my PC as my Firewall IP. Coz I'm having to access DMZ. if i applied "No Proxy" settings how can I access to internet?

Metu69salemi

@abcvidu:

I need to keep default GW of my PC as my Firewall IP.

Naturally
@abcvidu:

Coz I'm having to access DMZ. if i applied "No Proxy" settings how can I access to internet?

Usually transparent proxy works like it's named "transparently" aka no need to tell browsers it's existent

abcvidu

So if I checked "No Proxy" with PC Default GW= Firewall IP, is there any way to access internet?

Nachtfalke

@abcvidu:

So if I checked "No Proxy" with PC Default GW= Firewall IP, is there any way to access internet?

If you browse the web with port 80 (http) the squid automatically redirects this packets and so the traffic is going through squid. This is why you call it "transparent". You do not need any additional setting on your clients and the clients in general do not (need) to know that there is a TRANSPARENT proxy anywhere in the network.

You only need to edit the proxy address in the browser if you squid in NOT usinge transparent mode.