4. WPAD/Squid fail, having trouble figuring out what went wrong

WPAD/Squid fail, having trouble figuring out what went wrong

  • D

    I've got PFsense set up with Squid running. I had it running okay in transparent mode, but after reading that WPAD is a better alternative, I decided to make the switch.

    I pretty much followed "WPAD Autoconfigure for Squid" tutorial exactly. I added the appropriate entry to my DNS server (Windows Server 2012 if it matters), restarted my browser (Chrome), and tried to browse a site, but I was getting a "Proxy Misconfiguration" error, no sites at all would load, even my PFsense webconfigurator. So after panicking a bit, I reverted to a previous config, deleted the DNS entry and cleared my DNS cache. But I don't know what went wrong, so I'm hoping to get some help here.

    Traffic was getting directed from the Proxy to PFsense, as I have evidence in the log:

    Squid - Access Logs
Date	IP	Status	Address	User	Destination
20.05.2016 16:00:01	172.16.11.208	TCP_MISS/000	http://crl.microsoft.com/pki/crl/products/MicrosoftTimeStampPCA.crl	-	172.16.11.100
20.05.2016 15:59:55	172.16.11.208	TAG_NONE/503	kv401-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:55	172.16.11.208	TAG_NONE/503	geo-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:55	172.16.11.227	TCP_MISS_ABORTED/000	http://ssw.live.com/UploadData.aspx	-	172.16.11.100
20.05.2016 15:59:52	172.16.11.208	TAG_NONE/503	geo-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:52	172.16.11.208	TAG_NONE/503	geover-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:49	172.16.11.208	TAG_NONE/503	disc401-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:49	172.16.11.208	TAG_NONE/503	geover-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:49	172.16.11.208	TAG_NONE/503	kv401-prod.do.dsp.mp.microsoft.com:443	-	-
20.05.2016 15:59:47	172.16.11.208	TAG_NONE/503	disc401-prod.do.dsp.mp.microsoft.com:443	-	-

    Here's my wpad.dat (.100 is pfsense, the gateway)

    
function FindProxyForURL(url,host)
{
return "PROXY 172.16.11.100:3128";
}

    Squid is vesion 3.5.19
    PFsense version 2.3-RELEASE

    What's confusing to me is why I couldn't even load the web configurator. Since I entered the IP directly (172.16.11.100:9090), why was it being sent to the DNS server at all, and therefore being redirected to the Proxy? I'm sure this is just something in the config that I missed, but given the process to start it up, I can't really go ticking boxes and breaking the internet over and over.

    0
  • A

    for the wpad you need to go direct for local
    follow this https://forum.pfsense.org/index.php?topic=112335.0

    0
  • D

    That was it! Thank you.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy