Multi LAN + Squid + Squidguard + MultiWAN

space_new

@kelsen:

What you mean by "system not work"?
If you are trying to route http|https through one gateway, this is done with squid which will route through the default, failover or loadbalance gateway; you can use tcp_outgoing_address LAN1 WAN1 and so on; for other traffic that squid doesn't handle, it will use the gateway you setup in LAN rules.

Thx for reply!
My goal is to route the traffic that come from LAN1 only to WAN1 (or failvoer group) and the traffic that come from LAN only to WAN2.
Both LAN1 and LAN2 use squid+squidguard for content filtering.
Actually I can route ALL traffic that come from LAN1 and LAN2 only to WAN1, or WAN2 or failover group!!

kelsen

Just create a rule on LAN and LAN2 Interface:

LAN1
source: lan subnet
destination: any
gateway: wan1GW

LAN2
source: lan2 subnet
destination: any
gateway: wan2GW

space_new

@kelsen:

Just create a rule on LAN and LAN2 Interface:

LAN1
source: lan subnet
destination: any
gateway: wan1GW

LAN2
source: lan2 subnet
destination: any
gateway: wan2GW

I have just tried, but this method not function because the http traffic is sent to Squid that send all traffic over default wan (wan1)

kelsen

As I said, you can use tcp_outgoing_address LAN1 WAN1 and so on.

space_new

@kelsen:

As I said, you can use tcp_outgoing_address LAN1 WAN1 and so on.

Hi,
thx for reply…
but if I configure custom option of Squid with: tcp_outgoing_address 192.168.0.0/24 191.X.Z.T, I recive an error from squid.
If i write
alc int_net 192.168.0.0/24
tcp_outgoing_address 191.X.Z.T int_net
squid not return any error, but the traffic do not sent through 191.X.Z.T!!!

space_new

Someone can help me?  :'(

Regards,

kelsen

Post a screen shot of your squid configuration.
You are using failover? if yes, post the lan rules and float too.

space_new

@kelsen:

Post a screen shot of your squid configuration.
You are using failover? if yes, post the lan rules and float too.

This is my custom options on squid.
I do not have failover!

http://imageshack.us/photo/my-images/703/capturetim.jpg/?sa=0

kelsen

This IP is your Gateway or Wan IP? it must be your Wan IP. Besides this, there is nothing else to do.

space_new

@kelsen:

This IP is your Gateway or Wan IP? it must be your Wan IP. Besides this, there is nothing else to do.

Thx for reply…
This is the address of my WAN interface (not CARP address)

kelsen

Yet it  still didn't work? have you saw your ip on www.meuip.com.br while using proxy?

space_new

@kelsen:

Yet it  still didn't work? have you saw your ip on www.meuip.com.br while using proxy?

Hi, the site report that my ip is the default gw and not 191.X.Z.T (proxy is detected)

niebla

Take a look at your DNS Settings. Are you suing the forwarder? Does the proxy have any DNS entries? If so try removing them.

space_new

@niebla:

Take a look at your DNS Settings. Are you suing the forwarder? Does the proxy have any DNS entries? If so try removing them.

Yes, I use DNS forwarder of PfSense, but none configurationa about DNS is dove on proxy server…