Pfsense and squid - problem with internal address with ports
-
Hi all!
I've installed pfsense 1.2.2 with squid 2.6.21_10 package and i have some problem with my configuration.The browser under proxy go in internet without problem, but when i try to access at some internal address (ex: http://192.168.1.12:81/) i receive an "Access Denied" page .
What configuration i must touch?
Thanks and sorry for my english.
Ciao,
andrea -
what are you trying to do by going to that address/port?
-
I have same website internal use in local machine and the webserver on this machine going on the port 81.
If the browser use the proxy and i try local address with port(i don't know if work with external address) they return this error:
ERROR
The requested URL could not be retrieved–------------------------------------------------------------------------------
While trying to retrieve the URL: http://192.168.1.8:81/
The following error was encountered:
•Access Denied.
Access control configuration prevents your request from being allowed at this time. Please contact your service provider if you feel this is incorrect.I have the same problem with address www.mylocalwebsite.com:81 (the dns forward seem ok)
If i try without proxy they work correctly.Thanks for answer!!
andrea -
Per raggiungere quell'URL devi editare il file usr/local/pkg/squid.inc e aggiungere la porta 81 in coda alle safeports.
Salvi e riavvia squid, dovrebbe funzionare.Setup some default acls
acl all src 0.0.0.0/0.0.0.0
acl localhost src 127.0.0.1/255.255.255.255
acl safeports port 21 70 80 210 280 443 488 563 591 631 777 901 $webgui_port $port 1025-65535
acl sslports port 443 563 $webgui_port
acl manager proto cache_object
acl purge method PURGE
acl connect method CONNECT
acl dynamic urlpath_regex cgi-bin ? -
add this to your custom configuration.
acl safeports port 81;
if won't work..
then hack your squid.inc and add port 81 to safeports that would look like this.acl safeports port 21 70 80 81 210 280 443 488 563 591 631 777 901 3128 1025-65535
-
Grazie 1000, funziona benissimo, mi avete tolto entrambi un bel grattacapo!
i've used -acl safeports port 81;- in webadmin.
Thanks at both!!
A buon rendere! olè!