Squid ssl proxy : NONE/200 X.X.X.X:443
-
Hi everyone,
I recently installed pfSense (2.4.5-RELEASE) in order to create a new secure Wi-Fi network + DMZ access on my website.
My goal is to secure the LAN flows to the WAN through the squid proxy (http & https) thanks to the antivirus. To do this, I need to use the SSL BUMP method.
However, I encounter a major problem: each time outgoing HTTPS connections pass through an IP address which does not have an associated DNS name, I have a NONE/200 X.X.X.X:443 error.
This gives me a lot of concerns, especially for mobile applications which sometimes use this method (ex: Snapchat, Skype). I specify that I want to allow everything, my goal is really to split the connections in order to analyze and block viruses.
I specify that I have carried out all the basic configuration steps and that I have all the prerequisites normally (DNS first, CA installed on client workstations on the LAN network etc.) and that the HTTPS websites are accessible (ex: Google in HTTPS is OK). My firewall rules are good (no Squid, no access issues).
My question is: how to authorize all IP addresses and how to authorize all domains so that squid accepts and relays all flows? and all domain names? (I tested ANY, ALL, no result ...)
Squid version: squid-4.4_1
Thanks in advance for your help :D
-
@guez I also specify that I use the transparent mode. If the solution is to configure a proxy by DHCP, that does not concern me, and thank you for indicating it to me.