Moving from BlueCoat to PfSense and issue with Squidguard
-
Good morning,
I am in the process of replacing all of my BlueCoat ProxySG (BC) web filters with PfSense. All of my BC's are inline in between the Cisco router and a Cisco switch. In the BC the ports are bridged together and and traffic flows through it without any issues and filtering works great. First I was not successful in getting any traffic to pass when I hooked up the WAN and LAN interfaces individually. I have since bridged the WAN and LAN to give me a OPT1 interface and now I have the unit inline…first issue down. Now, with the bridge up and functional, I changed the net.link.bridge.pfil_bridge from 0 to 1 to capture the traffic and filter it (Starting with porn for the filter). Now, with that set to 1 and net.link.bridge.pfil_member set to 0 from 1 I cannot get port 80 traffic to pass through the unit. I have the FW setup to allow all port 80 traffic for the bridge, but it will not pass. I can get 443 traffic to pass all day, just not 80. This is my first experience with PfSense and it looks like a great product and I am having a hard time believing this can't do the same things a BlueCoat can.Has anyone ever done this type of setup? Can someone help out with this type of configuration?