Squid (Captive Portal Authentication) + Captive Portal -> https "Access Denied"
This is my first time playing with pfsense (2.3.2), trying to evaluate it for a semi open wireless network.
I've setup Squid, SquidGuard and Captive Portal. In the end multiple users should be able to login (over a wireless network) at the Captive portal with their username/password and their traffic being logged with squid.
Reason for this is that I would like to block specific content via Squidguard (e.g. porn, warez) and be able to track down legal violations to a specific user.
The current problem I have is that when I set "Authentication Method" to "Captive Portal" in the settings for Squid Proxy Server all HTTP request will result in:
The requested URL could not be retrieved
The following error was encountered while trying to retrieve the URL: http://somedomain?
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.
Your cache administrator is admin@localhost."
HTTPS request still pass through as normal.
If I set Authentication to None under Squid, everything works fine.
Does anyone have an idea where the problem could be located. or if i could reach my goal on a different way?
Thank you very much!
System -> Package Manager -> Available Packages
installed squid and squidGuard
Services -> Squid Proxy Server -> Local Cache
increased "Hard Disk Cache Size" to 1000
Services -> Squid Proxy Server -> General
enabled "Enable Squid Proxy"
set interface to "LAN"
enabled "Transparent HTTP Proxy"
enables "Enable Access Logging"
Services -> Squid Proxy Server -> Authentication
set "Authentication Method" to Captive Portal
Services -> Captive Portal
add zone for your LAN network
set Interface to "LAN"
set "Authentication method" to "Local User Manager / Vouchers"
System -> User Manager -> Users
Add a user
add "User - Services: Captive Portal login" to "Effective Privileges"
(or disable this required privilege under Services -> Captive Portal)
Services -> SquidGuard Proxy Filter -> General Settings
enabled "Enable GUI log"
enabled "Enable log"
Services -> SquidGuard Proxy Filter -> Blacklist
Services -> SquidGuard Proxy Filter -> Common ACL
Set default to allow under "Target Rules" (default if block all)
Switching to non transparent proxy results in the same problem.
Have you or anyone else found a solution to this? I am stuck with the same problem!