Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help Needed: PS4 + Pfsense + Squid + SSL Man in the Middle

    Scheduled Pinned Locked Moved General pfSense Questions
    4 Posts 2 Posters 661 Views 2 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I Offline
      inspiredsquid
      last edited by

      Hi,

      I need some help resolving an issue that is preventing the PS4 going online via Pfsense and Squid with SSL Man in the Middle Filtering .

      Problem: I have recently installed Pfsense and Squid SSL MITM & Transparent Proxy enabled. The PS4 is not able to connect to online services, the error message on the PS4 is “Having problems communicating with Epic Online Services. Please try again in a few minutes.”

      When the SSL Man in the Middle filtering is disabled it works and PS4 can connect to online services but when SSL MITM is enabled is does not.

      Home Environment: PS4 IP 10.0.0.1 with proxy setting 10.0.0.2 on port 3128, Pfsense WAN IP 10.0.0.3 LAN IP 10.0.0.2. Pfsense server with Squid proxy server with Transparent HTTP Proxy and SSL Man in the Middle Filtering enabled with self signed CA and access log forwarded to Splunk.

      Any help to configure Pfsense and or Squid to make the PS4 work and communicate with online services and write the full url from the PS4 to the squid access log would be appreciated. If it helps the PS4 shows NAT 2 and is successful with the PS4 internet test.

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Did you import the CA cert or are you using splice mode? (FQDNs only).

        Have you tried whitelisting the PS4 IP or target IPs?

        Do you see it's connection attempts blocked in the Squid/Squidguard logs?

        Steve

        I 1 Reply Last reply Reply Quote 0
        • I Offline
          inspiredsquid @stephenw10
          last edited by

          @stephenw10 Thanks for getting back to me I have installed self signed CA, did have Splice Whitelist and Bump Other but as mentioned it stopped Epic Games server communication, I changed to Splice All and it lets connectivity by no url which is what I need for determining how long someone is on an epic game. I have whitelisted the PS4 but do not know the Epic game server. Where exactly do I go in PfSense to check out the connectivity failing in the logs?

          1 Reply Last reply Reply Quote 0
          • stephenw10S Offline
            stephenw10 Netgate Administrator
            last edited by

            It's possible it's being blocked be something other than Squid so check the firewall logs. Check Snort/Suricata if you're running them.

            You should see connections from the PS4 logged in the Squid realtime logs. So are conections to the Epic severs shows as passed or some errors?

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.