How is other traffic treated when squid proxy is active?
-
Hi,
How is other traffic treated when squid proxy is active in transparent mode? By other traffic I mean HTTPS, RDP to servers outside our network, TeamViewer, VNC to external servers, SSH, etc. For HTTP I know the proxy will do a sort of NATing after some sort of filtering using SquidGuard. Will pfSense not intercept other traffic and let it go via firewall rules?
How is the case when squid is running in authenticated mode?
Regards.
-
Well… to tell you the truth, nothing has really been running smoothly the past year with transparent mode. Most of the time it's either TCP/200 miss, and on HTTPS sites it won't even show on the squid realtime log. Now for the VPN, make sure to exclude it on squid.
-
Thanks for your reply. What perplexes me is: if HTTPS traffic destined for some remote web server is not proxied by squid, does it pass via firewall rule/NAT? What about RDP? What about all other traffic not proxied by squid? Is it processed via firewall rules?
What is the traffic flow path for those traffic types?
-
Bump
-
Everything except HTTP, and HTTPS if you have properly set up Squid to also handle it, will just pass through the firewall instead of Squid… Squid is not meant for anything except traffic that goes over 80 and 443 in a typical environment.