Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense+Squid+Squidguard+Active Directory

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Q
      quemadera
      last edited by

      Hi there:
      I have a virtual machine with pfsense version 2.7.0 and a single network interface, my project is to put squid authentication with active directory with squidguard taking advantage of the active directory groups to filter the traffic of each department of my company. But I can't get it to work properly. After installing squid and squidguard they don't work.
      First I enable only squid to pre-configure everything and right from the start, without setting any authentication method and without creating any local users, users can browse without any problem. Then, when I set up a local user and choose the local authentication method, it starts asking for username and password, but as I do not want that, I set the LDAP authentication method. Then I use this line:
      (&(objectClass=person)(sAMAccountName=%s))
      I manage to authenticate the users, but this is not enough because I want to create groups, so I go to squidguard and import the blacklists to create ACL, both common and groups, but no matter which group I put the user in to authenticate, the user continues to browse without restrictions.
      I know that this explanation, despite its length, does not shed any light on the causes of my problem, but could someone help me?
      Thanks in advance.

      perikoP 1 Reply Last reply Reply Quote 0
      • perikoP
        periko @quemadera
        last edited by

        @quemadera check this plugin: pf2ad

        Necesitan Soporte de Pfsense en México?/Need Pfsense Support in Mexico?
        www.bajaopensolutions.com
        https://www.facebook.com/BajaOpenSolutions
        Quieres aprender PfSense, visita mi canal de youtube:
        https://www.youtube.com/c/PedroMorenoBOS

        Q 1 Reply Last reply Reply Quote 0
        • Q
          quemadera @periko
          last edited by

          @periko PF2AD's project is great, but unfortunately I don't have the money to implement it. Im from Cuba.
          Sheers

          M 1 Reply Last reply Reply Quote 0
          • M
            mcury @quemadera
            last edited by

            @quemadera said in Pfsense+Squid+Squidguard+Active Directory:

            PF2AD's project is great, but unfortunately I don't have the money to implement it.

            You can try this method. It will use Kerberos by importing keytabs to Squid.
            https://journeyofthegeek.com/2017/12/30/pfsense-squid-kerberos/

            dead on arrival, nowhere to be found.

            Q 1 Reply Last reply Reply Quote 0
            • Q
              quemadera @mcury
              last edited by

              @mcury I'll give it a try and let you know, thanks 😉

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.