how to route openvpn tunnel traffic through squid proxy server?
-
Hi guys.
I have this system in which I used two pfSense machines. pfSense-2 is my server, and I also installed and configured the squid HTTP proxy on the WAN interface of this machine.
I also configured pfsense-1 as client to site for connecting clients to pfsense-1. I want to route all of the client traffic through the squid proxy server that is installed and configured on pfSense-2. When I used the proxy server address and port on pfSense-1 at /vpn/openvpn/client config, I do not get any error, but my openvpn server will be disabled and not working. How can I route my openvpn tunnel traffic (client traffic) through the squid proxy server? This is my openvpn logfile:
Aug 31 08:51:01 irpf openvpn[5453]: Options error: --http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)
Aug 31 08:51:01 irpf openvpn[5453]: Use --help for more information.
Aug 31 08:51:05 irpf openvpn[19782]: Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Aug 31 08:51:05 irpf openvpn[19782]: Options error: --http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)
Aug 31 08:51:05 irpf openvpn[19782]: Use --help for more information.
Aug 31 08:51:12 irpf openvpn[29258]: MANAGEMENT: Client connected from /var/etc/openvpn/server1/sock
Aug 31 08:51:12 irpf openvpn[29258]: MANAGEMENT: CMD 'status 2'
Aug 31 08:51:13 irpf openvpn[29258]: MANAGEMENT: CMD 'quit'
Aug 31 08:51:13 irpf openvpn[29258]: MANAGEMENT: Client disconnected
Aug 31 08:52:14 irpf openvpn[29258]: MANAGEMENT: Client connected from /var/etc/openvpn/server1/sock
Aug 31 08:52:14 irpf openvpn[29258]: MANAGEMENT: CMD 'status 2'
Aug 31 08:52:14 irpf openvpn[29258]: MANAGEMENT: CMD 'quit'
Aug 31 08:52:14 irpf openvpn[29258]: MANAGEMENT: Client disconnected
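Added example, not part of the original posts: a small Python triage of the syslog excerpt posted above. It groups entries by OpenVPN PID to separate the processes that logged an options error from the one answering on the server1 management socket, and it accepts the log either one entry per line or run together on a single line. The sample lines are copied from the post; the function and variable names are hypothetical.

```python
import re
from collections import defaultdict

# Subset of the log lines from the post above, one entry per line.
SAMPLE_LOG = """\
Aug 31 08:51:01 irpf openvpn[5453]: Options error: --http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)
Aug 31 08:51:01 irpf openvpn[5453]: Use --help for more information.
Aug 31 08:51:05 irpf openvpn[19782]: Cipher negotiation is disabled since neither P2MP client nor server mode is enabled
Aug 31 08:51:05 irpf openvpn[19782]: Options error: --http-proxy MUST be used in TCP Client mode (i.e. --proto tcp-client)
Aug 31 08:51:12 irpf openvpn[29258]: MANAGEMENT: Client connected from /var/etc/openvpn/server1/sock
Aug 31 08:51:12 irpf openvpn[29258]: MANAGEMENT: CMD 'status 2'
"""

# Syslog prefix: "Mon DD HH:MM:SS host openvpn[pid]: message".
TS = r"\w{3} +\d{1,2} \d\d:\d\d:\d\d"
# The lookahead ends a message at the next timestamped entry or at end of
# input, so entries pasted onto one long line are still split correctly.
ENTRY_RE = re.compile(
    rf"{TS} \S+ openvpn\[(?P<pid>\d+)\]: (?P<msg>.*?)(?=\s*{TS} \S+ openvpn\[|\s*$)",
    re.S)
OPTION_RE = re.compile(r"Options error: (?P<opt>--[\w-]+) (?P<why>.*)")
SOCK_RE = re.compile(r"/var/etc/openvpn/(?P<inst>[^/]+)/sock")


def triage(log_text):
    """Group OpenVPN syslog entries by PID and record what each process reported."""
    procs = defaultdict(lambda: {"instance": None, "option_errors": [], "entries": 0})
    for m in ENTRY_RE.finditer(log_text):
        proc = procs[int(m["pid"])]
        proc["entries"] += 1
        err = OPTION_RE.search(m["msg"])
        if err:  # process refused its configuration
            proc["option_errors"].append((err["opt"], err["why"]))
        sock = SOCK_RE.search(m["msg"])
        if sock:  # management socket path names the instance, e.g. server1
            proc["instance"] = sock["inst"]
    return dict(procs)


def failed_pids(procs):
    """PIDs of processes that logged at least one 'Options error'."""
    return sorted(pid for pid, p in procs.items() if p["option_errors"])


if __name__ == "__main__":
    for pid, info in sorted(triage(SAMPLE_LOG).items()):
        print(pid, info["instance"], info["option_errors"])
```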
-
Can anyone help me please?
-
@usus1 said in how to route openvpn tunnel traffic through squid proxy server?:
This setting is meant to route the OpenVPN client connection through a proxy. In this case the P2P client connection between A and B.
@usus1 said in how to route openvpn tunnel traffic through squid proxy server?:
I want to route all of client traffic through squid proxy server that installed and configured on pfSense-2.
But this lets me assume you only want to route the site A access server's clients' traffic through the proxy.
Now what do you want to achieve exactly?
-
@viragomann
I think the goal is to get user traffic from pf-2 out of the proxy tunnel so that the proxy can insert its own header on the packet. Is this possible? How about?
-
@umm12
Should be possible. Is your P2P VPN between pf1 and 2 configured properly already, so that access server clients can access local networks at site 2? Presuming you have already removed the IP from the proxy box.
If so, you should only have to add the proxy IP to the Remote networks on pf1 to direct the traffic over the tunnel.
-
@viragomann
Hi my friend.
I want to route my openvpn traffic through the squid proxy server on pf-2.
Also, our information is:
pf-1 ip : 100.2.21.5 (as client in site to site and server as client to site configuration)
pf-2 ip: 25.61.25.32 (as server in site to site configuration)
my proxy server: 25.64.25.32:6000
How can I add this as remote ip in pf-1?
-
@umm12 said in how to route openvpn tunnel traffic through squid proxy server?:
my proxy server: 25.64.25.32:6000
how i can add this as remote ip in pf-1?
As mentioned, you should only have to add that IP to the remote networks in the p1 clients settings.
Okay, forgotten: you have to direct the VPN clients' traffic to this IP by policy routing on the incoming interface.
-
@viragomann said in how to route openvpn tunnel traffic through squid proxy server?:
As mentioned, you should only have to add that IP to the remote networks in the p1 clients settings.
But I have port 6000 for the squid proxy server. I do not use this port on Remote networks on client side of Pf-1???
Okay forgotten: you have to direct the vpn clients traffic to this IP by policy routing on the incoming interface.
I don't understand this. Can you explain this more?
-
@umm12 said in how to route openvpn tunnel traffic through squid proxy server?:
but i have port 6000 for squid proxy server. I do not use this port on Remote networks on client side of Pf-1???
So you want to use the proxy in transparent mode, but on port 6000?
I'm not really familiar with proxying, but I don't think it can work this way. Maybe it does when you forward the traffic to port 6000 on pf1.