Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSL Man In the Middle Filtering not working - Please help.

    Scheduled Pinned Locked Moved Cache/Proxy
    11 Posts 3 Posters 2.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      venom3
      last edited by

      This post is deleted!
      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by

        Unless Squid is set up as transparent above, this won't do anything until you configure the clients.

        1 Reply Last reply Reply Quote 0
        • V
          venom3
          last edited by

          Squid is setup as transparent and has been working for years blocking regular http with squiguard. I created a cert and enabled ssl filtering but it does not work.

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by

            Perhaps look at the logs and post relevant info. Not using Squidguard, won't be of any assistence there. It works just fine without SG.

            1 Reply Last reply Reply Quote 0
            • V
              venom3
              last edited by

              which log would help? does squid have a log somewhere?

              1 Reply Last reply Reply Quote 0
              • D
                doktornotor Banned
                last edited by

                Kindly click the Real Time tab in Squid GUI configuration.

                1 Reply Last reply Reply Quote 0
                • V
                  venom3
                  last edited by

                  Thanks for trying to help me with this. It is working now.

                  1 Reply Last reply Reply Quote 0
                  • V
                    vielfede
                    last edited by

                    @doktornotor:

                    Perhaps look at the logs and post relevant info. Not using Squidguard, won't be of any assistence there. It works just fine without SG.

                    Sorry Dok, Maybe I missed something… although i read every squid manual in this forum... but... I do not understand, how can I filter sites without SG? Could you exlpain briefly please?

                    1 Reply Last reply Reply Quote 0
                    • V
                      vielfede
                      last edited by

                      @venom3:

                      Thanks for trying to help me with this. It is working now.

                      Sorry, could you please explain what you mean by "It is working now."

                      I mean:
                      Which method do you use? "Splice All"?
                      SSL Proxy Compatibility Mode?
                      REmote cert Cheeks?
                      Certificate Adapt?
                      Are you still using squidguard?

                      I'd like to get https filtering in transparent mode work finally… by now I had many problems... 
                      Thanks in advance
                      FV

                      1 Reply Last reply Reply Quote 0
                      • D
                        doktornotor Banned
                        last edited by

                        @vielfede:

                        Sorry Dok, Maybe I missed something… although i read every squid manual in this forum... but... I do not understand, how can I filter sites without SG? Could you exlpain briefly please?

                        Well, it's briefly explained in the Squid GUI when you click the i next to SSL/MITM Mode.

                        1 Reply Last reply Reply Quote 0
                        • V
                          vielfede
                          last edited by

                          @doktornotor:

                          @vielfede:

                          Sorry Dok, Maybe I missed something… although i read every squid manual in this forum... but... I do not understand, how can I filter sites without SG? Could you exlpain briefly please?

                          Well, it's briefly explained in the Squid GUI when you click the i next to SSL/MITM Mode.

                          Sorry again… I'm quite confused... but I understand SG is needed in Splice All…

                          Splice All: 
                          This configuration is suitable if you want to use the SquidGuard package for web filtering.
                          All destinations will be spliced. SquidGuard can do its job of denying or allowing destinations according its rules, as it does with HTTP.
                          You do not need to install the CA certificate configured below on clients.
                          Content filtering (such as Antivirus) will not be available for SSL sites. 
                          
                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.