Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issues opening sites with ports assigned to them. Squid / Pfsense

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 2 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      elcid
      last edited by

      Hi everyone.

      First of all , thanks everyone for their support!

      I am having issues opening any site , really, if they have an out of the ordinary port number assigned to them.

      for example https://www.test.com:444

      in the above scenario, as you probably know, its due to the fact that the destination end already have port 443 taken, as such, it accepts inbound at 444 then forwards the call to an internal server at 443.  typical port forwarding.

      I have also come across issues opening other sites with any other random ports such as:

      http://test.test.com:3421

      It either times out or gives me a dns resolution error.

      I have gone through to what I think is the correct thing to do.  I have added the additional ports to be trusted under the proxy settings , I have created new targets and assign the whitelisted urls, I have also gone through the proxy settings and have told the server to bypass destination IPs and entered the problematic sites.

      I have saved, restarted proxy services, even done a complete restart.

      Nothing helps.

      I am wondering if one of you guys have come across a similiar issue and how I can force the proxy to allow the port to go through/site.

      It almost feels like the GUI is not actually writting the changes?

      once again, many thanks everyone.

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        You need to allow non-standard low ports for HTTPS in Squid. ACLs > ACL SSLPorts. If test.com is a real example. well I won't be testing anything with that, it's on malware blacklists.

        1 Reply Last reply Reply Quote 0
        • E
          elcid
          last edited by

          @doktornotor:

          You need to allow non-standard low ports for HTTPS in Squid. ACLs > ACL SSLPorts. If test.com is a real example. well I won't be testing anything with that, it's on malware blacklists.

          Thanks so much for the reply.  I do have the port already entered under Squid / ACL / " Squid Allowed Ports" in both ACL safeports and ACL SSLPorts

          If i uncheck the browser  proxy configuration it works flawlessly. I wonder if maybe the GUI not writting the config?

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            GUI is writing config just fine, as you can check by looking at /usr/local/etc/squid/squid.conf

            1 Reply Last reply Reply Quote 0
            • E
              elcid
              last edited by

              thank you.  I will double check and again, thanks! hope some day I will be able to contribute my knowledge with other noobs as myself. :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.