Force devices to squid
-
contacted to proxy manually and got this
http://autodiscover.localdomain/wpad.datThe requested URL could not be retrieved
The following error was encountered while trying to retrieve the URL: http://autodiscover.localdomain/wpad.dat
Unable to determine IP address from host name autodiscover.localdomain
The DNS server returned:
Name Error: The domain name does not exist.
This means that the cache was not able to resolve the hostname presented in the URL. Check if the address is correct.Your cache administrator is admin@localhost.
when disconnected from proxy I got nothing just page cant load error
-
…try http://xxx.xxx.xxx.xxx/wpad.dat
You should get a file download named wpad.dat (there will be no .txt and it wont open like a normal text file...). If it doesn't download, then something is very wrong.
-
…try http://xxx.xxx.xxx.xxx/wpad.dat
You should get a file download named wpad.dat (there will be no .txt and it wont open like a normal text file...). If it doesn't download, then something is very wrong.
Hi I did http://192.168.1.1/wpad.dat and got 404 error
-
Is your web-configurator using HTTP or HTTPS? You are storing the wpad.dat and two other files in the correct directory, right?
Should be /usr/local/www
I mean, if the following has been done, wpad should be working.
1: Set WebConfigurator to HTTP
2: Set the DHCP and DNS methods for proxy auto-discovery
3: Store wpad.da, wpad.dat, and proxy.pac in /usr/local/www
4: Set devices to autodiscovery for proxy settings.The fact that your pfsense install shows a 404, means that the files are, in fact, not stored in the proper directory, or are not named properly.
-
WOW GUYS IT IS WORKING GREAT NOW the problem was my stupidity , when I saved the wpad I did not do "wpad.dat" I just did wpad.dat so I was just uploading a text doc lool, now I saved them the right way and its great thank you so much for all your kind help, the pc works fine now I am trying to see about my android phones as they are not using for auto proxy and when I select proxy auto it asks for a address, by any chance do you know what url should be entered? thanks to all
-
Ok solved it also put http://pfsenseip/wpad.dat everything is great thank you all
-
Android sadly doesn't support WPAD, probably never will.. Also has horrible certificate support.
Easiest way for Android to hit your proxy, is on the wifi connection for your network in Android, is to set a "manual proxy" and enter in the router config, so 192.168.1.1 and 3128 for the port, and save.
-
Ye thanks I went to the wifi ssid held down on the ssid advance settings config auto proxy and gave it http://192.168.1.1/wpad.dat and it works great I did as you also suggested and workes great also. :)
BIGGEST THANKS GOES TO KOM as I would have given up if it was not for him thanks you are a really great help here
-
I just dug my way out of a major snowstorm where I am. Glad you got it working.
-
There is something I don't understand in your design :(
WPAD RFC states that "well known alias "mechanism will search for
"wpad.extension…/...your_domain.tld"
then
"wpad.your_domain.tld"
then
"wpad"
which means that both your host domain and search domain settings matter.On the other hand, service name (here wpad) is somewhat hard-coded, meaning your vhost should handle http://wpad.your_doman.tld.
Obviously, if you web server handles everything, it will work but understanding this level of detail may help you in case you deploy on another perhaps less flexible web server.Another potentially useful point:
if you configure pfSense to listen on HTTPS, then you can still have HTTP server handling wpad if you install "vhost" package ;) -
Last question I do not know if any one here can help me with I have a sony bravia smart tv and set it to use the proxy youtube app works fine but some apps and browser I get this error msg page could not be retrieved https://sony.tvstore.opera.com:84 this only happens threw proxy
-
also I think some programs have trouble threw proxy like I have filbot that looks for metadata for movies with port 80 blocked it does not seam to download unless I reopen port 80 on firewall
-
Hi I re installed squid 3 and everything is ok now accept for the tv it looks like it cant get to the domain it needs for some apps, last question in real time monitoring I do not get sites visited just the pfsense ip squid_monitor_data.php. does this mean I can not view the sites visited cos of dns rebinding?
-
the tv it looks like it cant get to the domain it needs for some apps,
So create a firewall rule above your port 80 block rule that allows specifically the TV to go out on port 80.
last question in real time monitoring I do not get sites visited just the pfsense ip
Not sure what you're looking at. That page shows you the IP address as well as the URL. Or are you saying the Address field is always blank? A screenshot would be helpful.
-
in squid real time but looks like when I disconnect the pc from proxy and go to realtime then site seam to show. and this is the last question HONESTLY I created a user in squid and selected local authentication when I try using the browser I get a box box asking for user and pass but when I enter the user and password I created in squid it does not accept it
-
That IP address is for your pfSense instance itself. Unless you have a DNS entry for it somewhere, it's only going to show the IP address because that's all it has to work with. Are you accessing the pfSense GUI via its IP address or a hostname?
No idea about your auth issues as I've never needed to password-protect the proxy. Perhaps try looking for clues in /var/squid/logs/cache.log or access.log.
-
@KOM:
That IP address is for your pfSense instance itself. Unless you have a DNS entry for it somewhere, it's only going to show the IP address because that's all it has to work with. Are you accessing the pfSense GUI via its IP address or a hostname?
No idea about your auth issues as I've never needed to password-protect the proxy. Perhaps try looking for clues in /var/squid/logs/cache.log or access.log.
I access pfsense gui by ip address, all I have in dns resolver is the wpad settings
host wpad
domain ourdomain
ip 192.168.1.1when I access real time rports from a pc that is not going threw the proxy sites name show up fine, I see that ip only from pcs that are going threw the proxy, so if I want to see the site names I just go the the pc that I accepted fort 80 for and bypassed the proxy
-
The problem of the auth I found what it was the password must be less then 8 characters long
