Squid ovpns1 int
-
Hi, I`m trying to configure openvpn users to use squidguard.
The objective here is to once users are authenticated by openvpn, they get filtered by a profile from squidguard.==
scenario: (client to site VPN)sg-3100 (2.4.2, all packets lastest version) default gateway from LAN
squid+squidguard running in explict mode (clients using PAC file).
squid and squidguard authentication are OFFopenvpn auth goes:
1 - vpn user reaches vpn server (user auth+ssl cert) > radius(freeradius3 built in Pfsense)
2 - client specific override getting him a static IP based on his name.So now we have a openvpn user with a static IP address that we can use in firewall rules, and i want to use inside squidguard too.
The problems im currently facing is:
Squid configuration doesn`t show openvpn interface, so i can set it to listen on it (shows only my vlans and wan).
Is there somehow to make squid to listen on openvpn interface (ovpns1) too? -
interfaces/assign, add the ovpns1 as a pfSense interface like OPT123, enable it, after that is will probably show up on squid.. and firewall rules can be managed separately..
-
Hi, thanks for answering, however it didn`t work as expected.
By doing that, I got two openvpn interface tabs for firewall rules (OpenVPN tab created during OpenVPN setup and a OPT interface just created as you mentioned), and VPN traffic starts to get dropped by Firewall, even with permit IP any any in both tabs.
Did i miss something?
-
It worked, thanks a lot.
It`s perfect, working in explict or transparent mode.Best regards
-
might try to restart the openvpn service.?. other than that it 'should work' at least for the regular traffic.. (i never tried together with squid for the vpn..)
Edit:
ah it works.? great :)