auth and unauth squid proxy in parallel

adamw · Dec 13, 2018, 11:33 AM

Hi all,

Currently I'm running squid 3.1.20 on Debian and have it configured as a transparent http/https proxy without intercepting SSL connections.
Client browsers pick up settings from proxy.pac file automatically.
The default access is unauthenticated but we also have "aproxy".
The name resolves to a different apache server which handles http authentication and forwards to proxy.
Authenticated access is useful for different types of tests our software developers run internally.

I'm trying to port all this functionality to pfSense (+ DHCP hopefully including WPAD/PAC) without needing to rely on any additional servers.

My questions:

Is it possible to run authenticated and unauthenticated instance in parallel?
Is it possible to serve wpad.dat / proxy.pac file from the firewall?

Thanks,
Adam

jimp · Dec 13, 2018, 7:29 PM

No
Not ideally, maybe if you have an ACME/LE trusted cert but even then I would not recommend treating your firewall as a general purpose web server.