Multiwan and squid no work properly

aykiri1

why selecting loopback ?
only select LAN.

basitkhan

I tried both wiht loopback and without loop back but still not working :(

hyrol

@Basit:

I tried both wiht loopback and without loop back but still not working :(

You still using pfSense 2.1, it does not work because it floating rule does not work.

aykiri1

i fixed it.

create an acl with src and add ip list any text file (every ip per line) then set acl to wan/2 or wan/1 which you want
add this acl to first line. that other acl's work all default gateway.
regards

basitkhan

@aykiri1:

i fixed it.

create an acl with src and add ip list any text file (every ip per line) then set acl to wan/2 or wan/1 which you want
add this acl to first line. that other acl's work all default gateway.
regards

i used  pfsense 2.0.3 and share your config or screen shots for better understanding, i m still struck in it :(
waiting…

aykiri1

my version 2.1 64 bit
goto proxy server screen
and see custom options.

default is :

tcp_outgoing_address 127.0.0.1;;redirect_program /usr/pbi/squidguard-amd64/bin/squidGuard -c /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf;redirector_bypass off;url_rewrite_children 5

then add this string as your config

acl nameofacl src "/usr/local/etc/squid/ip.txt";tcp_outgoing_address X.X.X.X nameofacl;

nameofacl is what you will write of name its not important you can use any
X.X.X.X is your wan interface (not gateway)

"/usr/local/etc/squid/ip.txt" is ip list which you want to ip's going to which interface.
open any txt file. then write per line 1 ip

example:
192.168.1.40
192.168.1.41
192.168.1.42
etc…

no use /24 or /16 /8 for subnet

no need any floating rule .. its working perfect with squid 2.1 and squidguard
i think moderators change thread name to (fixed)

hyrol

@aykiri1:

then add this string as your config

acl nameofacl src "/usr/local/etc/squid/ip.txt";tcp_outgoing_address X.X.X.X nameofacl;

nameofacl is what you will write of name its not important you can use any
X.X.X.X is your wan interface (not gateway)

what happen when WAN PPPoE dynamic "tcp_outgoing_address X.X.X.X nameofacl"

for me it's not roundrobin/loadbalacing

javerleo

@aykiri1:

my version 2.1 64 bit
goto proxy server screen
and see custom options.

default is :

tcp_outgoing_address 127.0.0.1;;redirect_program /usr/pbi/squidguard-amd64/bin/squidGuard -c /usr/pbi/squidguard-amd64/etc/squidGuard/squidGuard.conf;redirector_bypass off;url_rewrite_children 5

then add this string as your config

acl nameofacl src "/usr/local/etc/squid/ip.txt";tcp_outgoing_address X.X.X.X nameofacl;

nameofacl is what you will write of name its not important you can use any
X.X.X.X is your wan interface (not gateway)

"/usr/local/etc/squid/ip.txt" is ip list which you want to ip's going to which interface.
open any txt file. then write per line 1 ip

example:
192.168.1.40
192.168.1.41
192.168.1.42
etc…

no use /24 or /16 /8 for subnet

no need any floating rule .. its working perfect with squid 2.1 and squidguard
i think moderators change thread name to (fixed)

A good contribution. But even if it works, it is not the same functionality we had before pfSense 2.1: Squid Outgoing connections balanced automatically between  WAN interfaces.

This is an important topic. Maybe the hero members can contribute with a final post: Can we have Squid working with multi WAN on 2.1? What are the required steps?

:)

Thanks.

basitkhan

Still Waiting to work squid proxy with 2.1 :(
the per ip list is fine but what to do if one wan connection goes down? it will still keep sending the request to failed wan :(
this is major bug! kindly update it as soon as possible

Thanks for all

afrugone

Any news about fixing PfSense 2.1 to work with Multiwan+Squid, I'll need it and don't like to downgrade to 2.03.

Thanks for your comments

Kababayan

Have 3 wans two wans uses load balance for proxy. third wan is for gaming and other traffic. Using pfsense 2.1 upgraded from 2.0.3. Using Lusca Proxy.

javerleo

So far I was forced to downgrade to 2.0.3 to have squid working with multi-wan but I don't like the idea of losing the new 2.1 functionality.

Hero members: come and save us !!! (as usually they do)

:)

hyrol

I was get a solution, please follow the forum link below.

https://forum.pfsense.org/index.php/topic,66822.0.html
or
https://forum.pfsense.org/index.php/topic,60977.0.html