Squid & HTTPS port forward

nrw

If I configure browser to use squid as proxy - all working fine. But when I configure browser to connect directly to the Internet and forward HTTPS to squid by NAT - it doesn't work. Any ideas? Problem only for HTTPS. HTTP forward - work correctly.

marcelloc

@nrw:

If I configure browser to use squid as proxy - all working fine. But when I configure browser to connect directly to the Internet and forward HTTPS to squid by NAT - it doesn't work. Any ideas? Problem only for HTTPS. HTTP forward - work correctly.

You can't transparent proxy HTTPS. You need men-in-the-middle atack/technique to intercept https communication forging server certificate.

nrw

You can't transparent proxy HTTPS

Are you talking about "Transparent proxy" option in squid or HTTPS NAT port forward configuration?
In my case "Transparent proxy" is disabled and I use only NAT port forward.

marcelloc

Both are transparent proxy configuration as it will forward http connections to squid.