• Hi there,

    I have setup PFSense with a Squid Proxy and a CP for a guest WiFi and it works fine for http traffic.  However, HTTPS traffic does not seem to be blocked, which I understand why.

    I am aware that you can install a Certificate on client machines.  However for a guest network, that's not going to happen.

    I have entered OpenDNS/Norton Connect Safe IP addresses into the actual DHCP settings under DNS, so that the client gets these OpenDNS addresses.  However the CP stops working because of DNS issues.

    Anyone else with the same issue?

    Is there an easy fix for this?

    Thanks
    Stinkfly


  • try this:

    • remove adjusted dns settings
    • remove/disable squid


  • Just updating this thread in case it helps someone else

    • Removed adjusted DNS Settings in DHCP Server for that interface

    • Entered Norton ConnectSafe IP in System ->General Setup under DNS Servers
      Doesn't matter the order of DNS Servers

    • DNS Resolver -> under DNS Query Forwarding, check 'Enable Forwarding Mode'

    BTW, I'm running PF 2.3.4 and using Norton because OpenDNS does not support DNSSEC

    Cheers and thanks
    Stinkfly