Problem with Squid3-dev, dansguardian and https Traffic

thomas_91

hello Community,

|  Gateway  |  (Router IP: 192.168.2.1)
      '–---+-----'
            |
        WAN | IP 192.168.2.10
            |
      .-----+-----.
      |  pfSense
      '-----+-----'
            |
        LAN | IP 192.168.3.1
            |
        LAN | 192.168.3.0/27
            |
      .-----+------.
      | LAN-Switch |
      '-----+------'
            |
    ...-----+------... (Clients/Servers)

I did install my Squid3-dev with the tutorial here: http://sichent.wordpress.com/2014/02/22/filtering-https-traffic-with-squid-on-pfsense-2-1/#comment-477

What i want to run is squid + dansguradian in transperant mode filtering http and https Traffic. My http (80) Traffic is still working, and i dont know what i should do with my https.

Forward 1:
Interface: LAN
Protocol: TCP
Source: LAN subnet
Destination: any
Destination Port: HTTP to HTTP
Redirect IP: 127.0.0.1
Redirect Target Port: 8080

Portforward 2:
Interface: LAN
Protocol: TCP
Source: LAN subnet
Destination: any
Destination Port: HTTPs to HTTPs
Redirect IP: 127.0.0.1
Redirect Target Port: 8080

Squid Gernal Settings:
Port 3128
enable: Transperant http proxy
Transperant Proxy interface: loopback

enable: Https/ssl interception
ssl intercept interfaces: loopback
Port 3128
CA: selfsight from pfsense

ACLs:
Allowd Subnets 192.168.3.0/27

About suggestions I would be happy

koohiisan

I have the same question!  Did you make any progress on getting that setup working?

rjcrowder

You can't transparently redirect HTTPS. You have to explicitly set the proxy in the browser settings or use an auto config URL.