Squid + SquidGuard not reliable

JonathanLee

@michmoor Thanks,

I sometimes have issues with the splash screen as it gets mixed up with the SSL certificate of the proxy over the pfSense at times,

(Image: Squid stopped a https virus before it got to my system, with splashscreen)

It does work good it's just you have to accept remote ssl with errors to make it CLAM AV work, I wish it would auto accept the SSL of the Squid and remote check the others. That is my main issue right now finding a way to make it say ignore the splashscreen SSL cert and go ahead and check the others. The Splashscreen SSL is an SSL that was made with open ssl inside of Squid proxy)

(NOTE: You must use the SSL certificate that is issued from SQUID proxy via command line and import it into the firewall, not the other way arround, I could never get it to work via the firewall into the proxy)

Meaning Squid is the CA "Certificate authority" And that certificate is used by Pfsense as an imported certificate.

I am going to test the upstream proxy certificate and set it to the pfsense certificate and see if that helps.

michmoor

@jonathanlee Hey Jon. Wanted to follow up here. I got WPAD working with the help of an Apache server. Took about 1hr of googling as im not a sysadmin but its working flawlessly.
During this process i discovered that SquidGuard does not work well with Transparent mode. This is the need for WPAD comes into play.
Really grateful for your help here.