Explicit Proxy for mobile devices

  • LAYER 8


    I am using pfsense 2.2.6 with squid in transparent mode with SSL bumping. Off late I am experiencing trouble in accessing few of https sites. Certificates are installed in all the devices including mobiles.

    After going through the forum… I am planning to shift to explicit mode of squid proxy.

    I have few queries :

    1. Will I be able to block sites like facebook, youtube in desktops as well as MOBILES ( they have apps installed)

    2. Can I install the wpad file in windows server 2003/2008 so that it is automatically detected by desktops and mobiles.

    3. Will I have trouble accessing Play store or App store or itunes in mobiles.

    4. Sometime back when I was testing explicit mode I was not able to update Microsoft security essentials as microsoft.com blocks download behind a proxy. How to I overcome this.

    Thank you,

  • 1.  Yes, with the help of squidguard.

    2.  Yes, but make sure you run IIS in HTTP mode, not HTTPS.  WPAD directions for pfSense.

    3.  Not that I am aware of.

    4.  Never had this happen to me, but in squid's config options you need to check Disable VIA Header and set the X-Forwarded Header Mode to delete.  Without these changes, you are literally announcing to the world that you are proxied.

Log in to reply