OpenVPN traffic not routing through Squid



  • Hello folks. Running into a bit of a snag. To start things off, below is the tutorial I ran through for setting up OpenVPN. I am able to connect through the VPN but none of the traffic is going through the Squid/SquidGuard setup. Squid/SquidGuard is working fine on the existing LAN network.

    https://www.sparklabs.com/support/kb/article/setting-up-an-openvpn-server-with-pfsense-and-viscosity/

    Here is what I have and what I've checked after reading the docs, other forum posts and googling…

    pfSense 2.3.2-RELEASE on a SG-2220

    --LAN network is 192.168.1.0/24

    --OpenVPN network is 192.168.2.0/24

    Under Squid > ACL's I have added "192.168.2.0/24" under Allowed Subnets

    Proxy Interfaces(s) has LAN, WAN and OpenVPN selected.

    Transparent HTTP Proxy remains selected, as it has been from the start

    Transparent Proxy Interface(s) has LAN, WAN and OpenVPN selected

    A couple things to note. Following the above tutorial, there was no mention of creating the OpenVPN interface, however I saw that creating it and then selecting it had solved some else similar problem. While I do have it created and enabled, the IPv4 and IPv6 configuration type is set to None. This seems wrong, but I don't know if it's at the heart of the problem. Reading up on docs I'm not able to determine if I should map IPv4 to a static or dhcp configuration, or if that isn't needed because the OpenVPN config is handling the IP's. Can you tell this is my first VPN set up?

    Any thoughts on this one? I'm looking for folks to be have VPN capability and receive the same proxy experience.

    Thanks



  • Hi,

    I have a similar situation in my pfSense server:

    • OpenVPN server created and forcing all traffic through tunnel (redirect gateway)
    • Squid + SquidGuard configured to filter traffic to web

    Ordinary clients from LAN network have their web traffic filtered by Squid.
    The external clients connected through OpenVPN server does NOT have traffic filtered by Squid.

    How can I force any vpn external client to have its traffic filtered by Squid ?

    Thank you.



  • I have the same issue with a IKEv2 VPN. The VPN clients don't route through squid / squidguard.
    Does anybody have a solution / configuration to get this working together?


Log in to reply