Pfsense in Home environment



  • Hi Guys

    I am using Pfsense in Home environment for web filtering and caching.

    I checked Transparent proxy for minimum configuration at client side

    now I setup my pfsense for SSL Filtering I create a certificate and download it at client

    If client is computer then everything is ok but if client is smart phone or tablet then apps for facebook viber
    and whatapp is not working, although https site is working fine.

    I did not change any thing in rules. Rules are as it is by default.

    Please let me know What should I do ?

    Thank you


  • LAYER 8 Global Moderator

    Why would you be doing MITM on ssl in a home setup?  Yeah that is going to have problems with devices that do not trust the CA that is creating the certs for the different ssl sites you go to.

    If you want to mitm your ssl connections then all devices using your proxy would have to trust the CA your using or yeah they are going to balk at the certs you generate.

    To be honest in a home setup, I don't really see the advantage to proxy at all.  Unless your trying to filter your teenage boys from surfing porn?  Your cache is not really going to save you much, pretty much all the stuff you would be caching would be done by the browsers anyway.  So unless you have lots and lots of uses and want to cache those images from websites so they don't all have to use your internet connection to download the pfsense logo jpg, etc.



  • @satifhussainr:

    Hi Guys

    I am using Pfsense in Home environment for web filtering and caching.

    I checked Transparent proxy for minimum configuration at client side

    now I setup my pfsense for SSL Filtering I create a certificate and download it at client

    If client is computer then everything is ok but if client is smart phone or tablet then apps for facebook viber
    and whatapp is not working, although https site is working fine.

    I did not change any thing in rules. Rules are as it is by default.

    Please let me know What should I do ?

    Thank you

    We have the same problem. Everything both HTTP and HTTPS are working for PCs and smartphones web browsers. But facebook application for android and iphone cannot access.



  • @remzej:

    @satifhussainr:

    Hi Guys

    I am using Pfsense in Home environment for web filtering and caching.

    I checked Transparent proxy for minimum configuration at client side

    now I setup my pfsense for SSL Filtering I create a certificate and download it at client

    If client is computer then everything is ok but if client is smart phone or tablet then apps for facebook viber
    and whatapp is not working, although https site is working fine.

    I did not change any thing in rules. Rules are as it is by default.

    Please let me know What should I do ?

    Thank you

    We have the same problem. Everything both HTTP and HTTPS are working for PCs and smartphones web browsers. But facebook application for android and iphone cannot access.

    You have the same problem ?
    Then why wouldn't you accept the answer already given (== stop the MTM stuff - NSA might pull this one of, 'we' : never) ?



  • @Gertjan:

    @remzej:

    @satifhussainr:

    Hi Guys

    I am using Pfsense in Home environment for web filtering and caching.

    I checked Transparent proxy for minimum configuration at client side

    now I setup my pfsense for SSL Filtering I create a certificate and download it at client

    If client is computer then everything is ok but if client is smart phone or tablet then apps for facebook viber
    and whatapp is not working, although https site is working fine.

    I did not change any thing in rules. Rules are as it is by default.

    Please let me know What should I do ?

    Thank you

    We have the same problem. Everything both HTTP and HTTPS are working for PCs and smartphones web browsers. But facebook application for android and iphone cannot access.

    You have the same problem ?
    Then why wouldn't you accept the answer already given (== stop the MTM stuff - NSA might pull this one of, 'we' : never) ?

    Thanks! I already found other options that still meets our requirements.


Log in to reply