Moving from BlueCoat to pfSense and issue with SquidGuard



  • Good morning,
    I am in the process of replacing all of my BlueCoat ProxySG (BC) web filters with pfSense. All of my BCs are inline in between the Cisco router and a Cisco switch. In the BC the ports are bridged together and traffic flows through it without any issues and filtering works great. First I was not successful in getting any traffic to pass when I hooked up the WAN and LAN interfaces individually. I have since bridged the WAN and LAN to give me an OPT1 interface and now I have the unit inline…first issue down. Now, with the bridge up and functional, I changed the net.link.bridge.pfil_bridge from 0 to 1 to capture the traffic and filter it (starting with porn for the filter). Now, with that set to 1 and net.link.bridge.pfil_member set to 0 from 1, I cannot get port 80 traffic to pass through the unit. I have the FW set up to allow all port 80 traffic for the bridge, but it will not pass. I can get 443 traffic to pass all day, just not 80. This is my first experience with pfSense and it looks like a great product and I am having a hard time believing this can't do the same things a BlueCoat can.

    Has anyone ever done this type of setup?  Can someone help out with this type of configuration?

