Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid Configuration Problem

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Gromet
      last edited by

      Hi all,

      New to pfsense/squid.

      I have 3 interfaces:
      LAN
      WAN
      EXPRESSVPN

      All lan/DNS traffic goes over my exprtessVPN OpenVPN.

      Squid configured on LAN interface and transparent interface is LAN as well.

      Everything seems to be working but when I turn Squid on, my ip address changes from the encrypted VPN wo the WAN IP. Turnn Squid Off back to the VPN IP.

      Why is Squid rerouting me over the WAN?

      Thanks for any help!
      -Gromet

      1 Reply Last reply Reply Quote 0
      • S
        securvark
        last edited by

        I have the same issue.

        My default gateway on the pfsense box is to my WAN (direct DSL) interface. FIrewall rules and routing make sure specific traffic from LAN net is routed to the OpenVPN interface. So when I set my client gateway to the pfsense box, I get my VPN public IP back. When I configure the squid proxy in my browser, the external IP switches to my ISP external IP.

        I beleive I understand why this is happening, the default gateway is set to the DSL interface, direct internet connection. When traffic passes through pfsense, its picked up by the firewall rules and routing and goes out over VPN.

        When using the proxy, the traffic is sent from the browser to the pfsense box, which sends it out to the default gateway.

        I tried to fix this by making rules for traffic originating from pfsense itself, but this doesn't work.

        I don't want to change my default gateway.

        So my question is, what kind of rule do I configure (or maybe change squid config?) to make squid go out over VPN?

        I've been searching for a while now and haven't been able to figure it out.

        Would really appreciate some help!

        Thanks!!

        1 Reply Last reply Reply Quote 0
        • S
          securvark
          last edited by

          Ow I just found this:

          https://airvpn.org/topic/17444-how-to-set-up-pfsense-23-for-airvpn/?p=59572

          Basically, if he's correct, Squid is hard programmed to use the default gateway no matter what.

          There is apparently a way, but it involves manual iptables configuration. Too involved for me.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            pfSense doesn't use iptables.

            1 Reply Last reply Reply Quote 0
            • S
              securvark
              last edited by

              sorry Linux guy here … corrected above  8).

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.