Input needed - Squid and Allow internet access only for authenticated users

  • I would like to setup squid authentication in the PfSense box. Today I have transparent mode set to grab all traffic. I also have lightsquid for logging. But, i have the need to match the logging to users and, therefore ldap authentication would be ideal. We have the problem thought that people only need to install Chrome or firefox and such they can bypass the proxy server simply by not writing the proxy adress in the proxy field.

    However, would it work by setting up a rule to deny traffic from LAN to any port 80 and setting the proxy to work with another port. And such, the only way to access the Internet would be through the proxy since all other traffic is denied.

    Or, am I thinking wrong here? Any other tips on how to force people through the auth proxy?

  • Either blocking access on port 80 or using a port redirect (More user friendly) will work as will configuring squid to listen on port 80 on the lan interface. The latter requires that you alter the web administration interface port for pfsense.

  • Hey lordarcane.

    Did u already fix this?
      I want to do the same thing.


Log in to reply