Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid ovpns1 int

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 2 Posters 749 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mcury Rebel Alliance
      last edited by

      Hi, I`m trying to configure openvpn users to use squidguard.
      The objective here is to once users are authenticated by openvpn, they get filtered by a profile from squidguard.

      ==
      scenario: (client to site VPN)

      sg-3100 (2.4.2, all packets lastest version) default gateway from LAN
      squid+squidguard running in explict mode (clients using PAC file).
      squid and squidguard authentication are OFF

      openvpn auth goes:

      1 - vpn user reaches vpn server (user auth+ssl cert) > radius(freeradius3 built in Pfsense)
      2 - client specific override getting him a static IP based on his name.

      So now we have a openvpn user with a static IP address that we can use in firewall rules, and i want to use inside squidguard too.

      The problems im currently facing is:

      Squid configuration doesn`t show openvpn interface, so i can set it to listen on it (shows only my vlans and wan).
      Is there somehow to make squid to listen on openvpn interface (ovpns1) too?

      dead on arrival, nowhere to be found.

      1 Reply Last reply Reply Quote 0
      • P
        PiBa
        last edited by

        interfaces/assign, add the ovpns1 as a pfSense interface like OPT123, enable it, after that is will probably show up on squid.. and firewall rules can be managed separately..

        1 Reply Last reply Reply Quote 0
        • M
          mcury Rebel Alliance
          last edited by

          Hi, thanks for answering, however it didn`t work as expected.

          By doing that, I got two openvpn interface tabs for firewall rules (OpenVPN tab created during OpenVPN setup and a OPT interface just created as you mentioned), and VPN traffic starts to get dropped by Firewall, even with permit IP any any in both tabs.

          Did i miss something?

          dead on arrival, nowhere to be found.

          1 Reply Last reply Reply Quote 0
          • M
            mcury Rebel Alliance
            last edited by

            It worked, thanks a lot.
            It`s perfect, working in explict or transparent mode.

            Best regards

            dead on arrival, nowhere to be found.

            1 Reply Last reply Reply Quote 0
            • P
              PiBa
              last edited by

              might try to restart the openvpn service.?. other than that it 'should work' at least for the regular traffic.. (i never tried together with squid for the vpn..)

              Edit:
              ah it works.? great :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.