Pfsense Proxy NTLM HTTPS block page problem
-
Hi, We've configure one pfsense server to be a proxy.
We've followed this guide http://pf2ad.mundounix.com.br/en/index.html and succesfully configure the proxy server to filter HTTP, we are using Squid 3 and SquidGuard to filter.
Also configure a Man in the middle to filter HTTPS, this works fine until we block access on a category with squidguard, as soon as we block a category the error page don't display.
For example, if we allow the shopping category, we can access amazon.com, wich uses HTTPS protocol, but as soon as we block this category the error page do not display. In HTTP the sgerror page display correctly, but in the HTTPS we get a certificate problem, the HTTPS are working correctly because as I said if is not blocked we can access the site.
We've been using pfsense for a while but never to filter HTTPS, hope any one can help.
David
-
I would say the reason you get a certificate problem is because you can't intercept and redirect and HTTPS connection, at least not supposed to. Don't think there is any way you can get the block page if you hit a blocked page with HTTPS, even with MITM.
-
Ok, so we gonna have to deal with it.
Thanks,
David