Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    How to configure dual WAN with squid proxy

    Routing and Multi WAN
    2
    3
    5.6k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      ekses_dinajd
      last edited by

      Hi!
      Does anyone know how to handle this kind of situation?
      http://img242.imageshack.us/my.php?image=logicalshemerb1.jpg

      I'll try to explain my problem. As you can see in picture, i have proxy server that is connected to pfsense. There are also 2 more nics which connects two isp providers. One ISP is given me Cisco router, and this router is my default gateway when traffic is going on that direction. On the other side i have adsl modem and it's configured in bridge mode, so pfsense firewall is getting an ip address directly from ISP. My clients are using proxy settings in their browsers (ip address of proxy server and port 8080). All clients when going to internet are targeting squid proxy and then proxy is getting web pages for them.

      I would like to configure pfsense as load balanser for port 80. Also failover is important to work.

      I've tried to configure pfsense with help of this tutorial (http://doc.pfsense.org/index.php/MultiWanVersion1.2). But, that doesn't work.
      My logic tells me that rule (balansing rule) for that "proxy" zone should goes like this:
      that proxy host -> any destination port 80 gateway: load_balanse.

      On LAN side, i passed all traffic that targets port 8080 (squid) to "proxy zone".
      LAN -> "proxy zone" destination port 8080 gateway default pass.

      And when i test my connection to internet, web surfing is not working, but when pinging some web sites, it works. I guess, problem is with my dns servers, but they are configured as in tutorial.. One from one ISP, and the other from other ISP. It seems that problem relies on DNS, but don't know how to solve it.
      I forget to mention that i have internal dns server on that same mashine where is proxy, and it's configured as it should be, dns ip's of both ISP providers are there.

      Is it problem in bridge modem, and getting ip directly through PPPOE? Something else? Maybe concept of having proxy is wrong when try to have load balanser…

      Any ideas?

      THX!

      1 Reply Last reply Reply Quote 0
      • M
        maxthetor
        last edited by

        Hi guy, its concept is not this wrong. but to run your scenario you need to know two things.

        First :

        pfsense uses dnsforwarder,  So the real server is the DNS servers in your configuration of pfsense,
        leaving only the default route.
        so to solve this problem you must use a static route to one of the dns, leaving the OPT1, or using the dns in loadbalacing that he will do it for you

        Two:
        using proxy  the traffic leaving only in the default route(pfsense box , freebsd+pf, I know it happens with linux + iproute2 also).
        There are many ways to resolve this, using the policy tcp_outgoing_address the squid, but none officially in pfsense
        I have many problems with it and I am developing a solution for me, I hope you serve others, in brief

        1 Reply Last reply Reply Quote 0
        • M
          maxthetor
          last edited by

          sorry my poor english

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.