Port sharing squid reverse proxy & openvpn
-
Hello
I've squid reverse proxy working on port 24443
Nat & rule to have 443 passed to 127.0.0.1 on 2443
Working wellI want to have squid listening on 443 (apparently not allowed)
open VPN listening on 443 (with this advanced setting: port-share 127.0.0.1 443I'm unable to make it work …
Can someone get me a solution ?
Thanks
-
Found it
Open vpn on port 443
Nat https to https on localhost
With advanced
Port-share 127.0.0.1 4443Then
Squid reverse proxy on 4443 for https
Works
-
Hello stanthewizard,
I am trying to realize the same as you did but wasn't successful yet.
Could you please describe your NAT settings in more detail?Thanks and regards
-
You install openvpn
with default parameter but listening on port 443
then in advanced type this:
Port-share 127.0.0.1 4443On NAT
TCP/UDP * * your wan 443 (OpenVPN) 127.0.0.1 443 (OpenVPN)With squid reverse proxy listening on 4443 eveyrthing should be working
If not
give detail about your config -
Hi stanthewizard,
thanks four your explanation. I got it up and running as described below.- installed OpenVPN with the Wizard to listen on the WAN interface, port 443, TCP, tun mode
- in "Advanced" I inserted the following "port-share 192.168.0.1 4443"
- and added a NAT Port Forward rule as following:
| If | Proto | Src. addr | Src. ports | Dest. addr | Dest. ports | NAT IP | NAT Ports |
| WAN | TCP | * | * | WAN address | 443(HTTPS) | 192.168.0.1 | 443(HTTPS) |- as expected, the firewall rule was created automatically, which is why the following rules are defined for the WAN interface:
| ID | Proto | Source | Port | Destination | Port | Gateway | Queue | Schedule |
| IPv4 TCP | * | * | WAN address | 443(HTTPS) | * | none | |
| IPv4 TCP | * | * | 192.168.0.1 | 443(HTTPS) | * | none | |- squid3 reverse is listening on the WAN interface, port 4443
In my case the IP "127.0.0.1" did not work. The problem was that the pfsense is located behind the ISP's router which forwards the port 443 to the pfsense box. Instead, I had to use the WAN interface's IP address "192.168.0.1" of my pfsense box.
Thanks again.