• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Forcing all Web traffic to advanced proxy authentication server/forcing proxy

Scheduled Pinned Locked Moved General pfSense Questions
3 Posts 2 Posters 3.6k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    dulli1
    last edited by Oct 17, 2008, 4:27 PM

    I am trying to setup pfsense to force all Web traffic to a separate proxy server that authenticates users against a W2K3 AD.  I have tried creating firewall rules and have looked into using CP, but I haven't found a way to do this.  An example would be the setting in Sonicwalls where you click a button under "force proxy" and put the IP address of the proxy server.

    Basically I am trying to route port 80 and 443 traffic on the LAN side to a proxy on the LAN that does the authentication against AD and filtering.  I would like to send all other traffic through to the WAN interface on pfsense.

    Thank you.

    1 Reply Last reply Reply Quote 0
    • C
      Cry Havok
      last edited by Oct 17, 2008, 6:26 PM

      Block outbound traffic on 80/TCP and 443/TCP for anything but the proxy server IP.

      1 Reply Last reply Reply Quote 0
      • D
        dulli1
        last edited by Oct 23, 2008, 4:52 PM

        Thanks for the reply.  Unfortunately I still have not been able to get this to work.  Let me give a little more detail.

        Pfsense - LAN = 172.16.0.1 WAN = unique public IP
        Endian proxy - LAN = 172.16.0.2 WAN = unique public IP

        The proxy works on port 8080.  I tried passing all port 80 and 443 traffic to the proxy IP with destination port of 8080 (on the LAN subnet).  That did not work.  I even tried adding a third rule after the port 80 and 443 redirect rules giving all other ports access.  All I am trying to do is redirect Web traffic to port 8080 on my proxy machine.  Sounds easy but I am missing something.  Any ideas?  Thanks.

        1 Reply Last reply Reply Quote 0
        1 out of 3
        • First post
          1/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received