Unable to access internet through pfsense
-
Re: Lead all LAN Traffic to external Proxy on WAN Site
Dear sir
I am working in an organization already having proxy configured, and managed by other department
Now I install pfsense and set wan as dhcp and lan with static and enable dhcp I am able to ping my company network resouces from that dhcp (used win 10 as vm ) also set company's proxy in system-->advanced --> misc tab alongwith port.
I would like to pass traffic through pfsense I also installed squid package and set proxy address of my pfsense LAN interface alongwith 3128 port but unable to browse internet (err connection time out) but ping works fine
when I put company's proxy then internet works fine but i need to pass traffic through my pfsense
please help me I am new to pfsense need your kind support
thankyouWAN IP static 10.101.4.38 DNS 10.10.0.10 and 11---> LAN IP 192.168.1.100 (dhcp enabled) dns for client 10.101.4.1 and 8.8.8.8
-
@zaibi12345 said in Unable to access internet through pfsense:
when I put company's proxy then internet works fine
What does the man ? Putting what where ?
@zaibi12345 said in Unable to access internet through pfsense:
Now I install pfsense and set wan as dhcp
and the pfSense WAN got an IP, you've shown 10.10.4.38. Is that correct, is that the gateway ?
Maybe you have to enter info here :
@zaibi12345 said in Unable to access internet through pfsense:
DNS 10.10.0.10 and 11
Did you check with pfSense if it can reach these ?
Like :dig @10.10.0.10 www.google.comand
dig @10.10.0.11 www.google.com@zaibi12345 said in Unable to access internet through pfsense:
dns for client 10.101.4.1 and 8.8.8.8
Check also, both from pfSense and a LAN client.
-
@Gertjan said in Unable to access internet through pfsense:
thankyou for your interest to my issue.What does the man ? Putting what where ?
means when i put company's proxy 10.10.0.5 8080 in my client machine then internet works fine but i need to type 192.168.1.100 3128 which is my own pfsense proxy lan ip address
@Gertjan said in Unable to access internet through pfsense:
and the pfSense WAN got an IP, you've shown 10.10.4.38. Is that correct, is that the gateway ?
sorry it is 10.101.4.38 yes it is my company's internet this is not gateway , in my company computer gateway is 10.10.0.5
@Gertjan said in Unable to access internet through pfsense:
Maybe you have to enter info here
yes I typed here my company proxy address
@Gertjan said in Unable to access internet through pfsense:
Did you check with pfSense if it can reach these ?
yes through pfsense 7 number select and can ping both of my company's dns
@Gertjan said in Unable to access internet through pfsense:
Check also, both from pfSense and a LAN client.
ping from our network to internet is time out because icmp is blocked by company firewall
-
@zaibi12345 Hello,
I'm sorry but I will ask some other question.
If I understand correctly, what you need is
Your LAN -> Netgate SquidProxy -> Your organisation LAN -> Your organisation Proxy
And when you set your organisation proxy on a client inside your LAN, everything works fine, but you want to get it working when using your Netgate SquidProxy as well, am I right ?
(Warning : I may be wrong starting from here)
I think the issue here is that the "misc tab proxy setting" is only for the pfsense, not for your Squid Proxy, and what's going through your own proxy doesn't forward to your organization proxy.I didn't test it yet, but this is interesting, so I will probably try this out on my lab next week, but from what I found around, there's this line in squid config that need to be set up :
cache_peer <Parent_proxy_IP> parent <port> 0 no-query defaultIn PfSense+ you can find similar option under
Services > Squid Proxy Server > Remote Cache TabWhen adding a new remote cache, you can add a remote parent server.
Did you get that already configured on you proxy server or not ?
If not, can you try it ?I'll probably check this on my lab next week, good luck with your config
-
@Froginou14
Thankyou for your kind attention to my topic, I tried as per your instructions but issue is still same it is saying dns prob finished no internet access
if I pass traffic through squid by typing IP of this firewall in proxy err connection timeout is showing
