Squid Transparent not work with 1:1 NAT
-
Hello!
I have two pfsense 2.0.3 in HA with CARP
I have also squid + squidguard in transparent mode. yesterday squid stop to works. After lots of hours i've noticed that if 1:1 NAT is configured the redirect rule of squid automagically disappears… On the second firewall i try to disable all 1:1 NAT entries and the redirect rule of squid automagically reappers... any know bug? Thanks! -
Really no ideas? a bug? I'm the only one with this problem? :'( :'( :'(
-
My understanding of 1:1 NAT is that it is similar to putting a device or subnet in the DMZ. It becomes completely exposed to incoming traffic on the IP address given to it. I think what you are experiencing is the correct behavior for 1:1 NAT. If you want the traffic to pass through the proxy, I think you need to set up port forwarding instead of 1:1 NAT.
If the device on the 1:1 NAT requires a different external IP address than the WAN address of your firewall, I would not have an idea of how to do that and still have the traffic for it go through the proxy.
-
My understanding of 1:1 NAT is that it is similar to putting a device or subnet in the DMZ. It becomes completely exposed to incoming traffic on the IP address given to it. I think what you are experiencing is the correct behavior for 1:1 NAT. If you want the traffic to pass through the proxy, I think you need to set up port forwarding instead of 1:1 NAT.
If the device on the 1:1 NAT requires a different external IP address than the WAN address of your firewall, I would not have an idea of how to do that and still have the traffic for it go through the proxy.
Thanks. I discover that it is not related to NAT1:1 but to squid module….