Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squidguard proxy filter unable to filter content from Wireless client

    Cache/Proxy
    2
    7
    1961
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nib01 last edited by

      I've both Squid Proxy Server and Squid guard configured on my pfsense 2.3.2

      So under Squid Proxy Server ACLs menu > Allowed Subnets" is populated with my router IP and subnet (192.168.1.0/24), and under  Squid allowed Ports > ACL SafePorts: 80 443.

      All client including wireless devices are directly connected to my AP (Linksys dd-wrt), which is it plugged in to one of the LAN port on pfsense router.

      So the main problem here is that all wireless clients that's connected to AP are not responding to the content filtering except to the client that's connected hardwire.

      I followed below tutorial for the rest of my configuration:

      https://www.howtoforge.com/pfsense-squid-squidguard-traffic-shaping-tutorial

      1 Reply Last reply Reply Quote 0
      • N
        nib01 last edited by

        Anyone?

        1 Reply Last reply Reply Quote 0
        • C
          chris4916 last edited by

          With information you provide, I've to admit that I don't understand what, from pfSense perspective, could distinguish wired client from wireless client.
          Which means that there is, apparently, no reason to have some clients using proxy and some others not.

          The real question, and I didn't follow your "howto" link, frankly speaking, is to understand how you configured your proxy.
          Is it explicit or transparent proxy?
          Do you confirm that all your clients (LAN and Wifi) are on same subnet?

          How ave you configured your AP?
          With dedicated DHCP server for wifi devices?

          1 Reply Last reply Reply Quote 0
          • N
            nib01 last edited by

            I actually found this "howto" from online somewhere.

            It's currently configured as Transparent proxy ( not sure why explicit proxy is not available)

            I confirmed all clients are in the same subnet LAN and wifi.

            I am using dd-wrt flashed router. Wireless mode setup as AP. Pfsense router serve as main DHCP server on entire network.

            1 Reply Last reply Reply Quote 0
            • C
              chris4916 last edited by

              Well, I can't spend time reading this howto.

              If all devices are on same subnet and access pfSense the same way, there is no reason for having different behaviour regarding HTTP proxy.
              You should explain better, with some detail, what occurs and what makes you determine that issue is with wireless devices only.

              Keep in mind that transparent proxy, unless MITM is configured, will not filter HTTPS.

              1 Reply Last reply Reply Quote 0
              • N
                nib01 last edited by

                See below current configuration:

                Linksys AP> 4 active LAN port and Wireless
                Management IP: 192.168.1.10
                GATEWAY: 192.168.1.1 (pfsense router)
                DHCP: disabled
                Wireless mode: configured as AP  (all wireless client connects here)

                Pfsense Router: DHCP server; DNS: 8.8.8.8;  Squid Proxy server (transparent & MITM) and squidguard proxy filter.

                All clients including wireless devices are getting IPs from DHCP server (pfsense router) with their respective hostnames and no issue there.

                I've double checked Squidguard filter ACLs and squidguard proxy server configuration everything there seems to be correct.

                Am I missing something here?

                1 Reply Last reply Reply Quote 0
                • C
                  chris4916 last edited by

                  @nib01:

                  Am I missing something here?

                  I don't think so, except perhaps to explain what is then the behaviour from client perspective.
                  Any error message, time-out?

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense Plus
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2021 Rubicon Communications, LLC | Privacy Policy