Squid with Upstream Proxy - Config
-
@stephenw10 the link you send is for the proxy for the appliance itself not squid no?
-
@shocko Your pfsense proxy talks to an upstream proxy, correct? The link provided are the settings you need to potentially modify.
-
@michmoor said in Squid with Upstream Proxy - Config:
Your pfsense proxy
The squid package/service running in transparent proxy mode needs to talk to an upstream proxy. The pfsense appliance proxy used for appliance updates/package pull etc is a different thing no? That link states as much:
If this firewall resides in a network which requires a proxy for outbound Internet access, enter the proxy options in this section so that requests from the firewall for items such as packages and updates will be sent through the proxy.
-
Squid is a service running on the firewall that opens TCP connections outbound like any other service. Have tried adding the proxy there?
Squid can probably use an upstream proxy directly though if you add some custom config.
-
Looks like we simply use the cache_peer directive in the pre-auth custom section. Problem is upstream you need a proxy that accepts TLS.
-
Why do you say that? Looks like you would need to specify TLS for the peer to use it to me.
http://www.squid-cache.org/Versions/v5/cfgman/cache_peer.html
-
@stephenw10 said in Squid with Upstream Proxy - Config:
Why do you say that? Looks like you would need to specify TLS for the peer to use it to me.
http://www.squid-cache.org/Versions/v5/cfgman/cache_peer.html
We observed this on the wire.
-
You didn't specify TLS and it was still trying to use it?
-
@stephenw10 Yes seems so.
-
Any ideas anyone?
