Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxy server not working

    Scheduled Pinned Locked Moved Firewalling
    11 Posts 4 Posters 6.7k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      Ponl
      last edited by

      For reference : I use version "1.0-SNAPSHOT-09-14-06".

      I'am having troubles getting my internal squid to work.
      I add a rule to permit 8080 traffic but I cannot access the internet using our
      www-proxy server.
      The proxy server is a squid proxy server on 192.168.1.6 running FreeBSD 6.1.
      It is on a different machine as pfsense.
      This used to work with monowall …
      Could this be a bug or is there something I should check first ? Also where can I report
      this bug if it is a bug?

      EDIT : A proxy server outside the network works but internal doesn't.

      Thanks

      1 Reply Last reply Reply Quote 0
      • S
        sullrich
        last edited by

        You fail to describe how this proxy server receives traffic from the firewall, etc.

        Is it an active directory policy?  Is it a port forward?  Is it transparent?

        1 Reply Last reply Reply Quote 0
        • P
          Ponl
          last edited by

          Sorry I am not being clear.
          The proxy server is not a transparent proxy, it is not a port forward.
          It is just a proxy sitting at 192.168.1.6 for any user in the network 192.168.1.0
          to use if they wich, it caches their http requests for reduced trafic.
          Only the proxy server doesn't work anymore with pfsense instead of
          monowall as firewall. I did add a rule on the lan that port 8080 is premitted.
          I don't have to add a rule to the wan right ?

          EDIT : forgot to mention erlier but when I remove the block all trafic at the end
          on my lan rules list it works. So it seems like my 8080 firewall rule doesnt do anything.

          I hope this describes more, please let me know if I missed anything.

          Regards

          1 Reply Last reply Reply Quote 0
          • J
            jeroen234
            last edited by

            for a not transparend proxy on youre lan you don't need rules the users just enter the ip of the proxy in there browser config

            if you dont want them to enter ip or force them to use the proxy (thats called transperend)
            then you need to make a portforward for port 80 to port 8080 to youre proxyserver ip on the pfsense server (the proxyserverip must be excluded from this rule else you make a loop and get no where) and set youre proxyserver to transperd mode
            if youre blokking access to the internet with out the proxy then make sure that youre are not blocking the trafic from the proxyserver on port 80 to the internet on the pfsense server

            1 Reply Last reply Reply Quote 0
            • S
              sullrich
              last edited by

              It sounds like you are blocking on lan by default, allowing some services before it.

              Please show us a screenshot of the rules summary screen (the one where you can add and delete rules).

              1 Reply Last reply Reply Quote 0
              • P
                Ponl
                last edited by

                Here is the define of the proxy :
                "here was a url" …

                Here are the blocking rules :
                "here was a url" ...

                Hope that helps

                1 Reply Last reply Reply Quote 0
                • S
                  sullrich
                  last edited by

                  Really wish I could give you an answer on this one.  Everything looks correct.

                  Make sure the rule is actually being added in /tmp/rules.debug.

                  Search for 8080.

                  1 Reply Last reply Reply Quote 0
                  • H
                    hoba
                    last edited by

                    You usually don't need the port 8080 rule unless there is another proxy outside the LAN subnet. As Scott already said, your rules look valid. If it's a firewallruleissue you should find out at status>systemlogs, firewall. If you see blocks for traffic from the proxy IP check the destination ports that are in use. You also can click the small block icon to see what rule caused the block.

                    1 Reply Last reply Reply Quote 0
                    • P
                      Ponl
                      last edited by

                      I log all trafic that doesnt get handled by any of these rules but it
                      never logs 8080 ar any of that trafic, But still when i sett pass to that rule
                      it works …

                      1 Reply Last reply Reply Quote 0
                      • H
                        hoba
                        last edited by

                        Add a pass rule for protocol any, source proxy ip, port any, destination any, port any, gateway default and add a log to that at the very top of your rules. Use the proxy. Please show use the pass logs in your firewall logs that are produced by this rule.

                        1 Reply Last reply Reply Quote 0
                        • P
                          Ponl
                          last edited by

                          hmmm I found the problem … It seemed to be dns.
                          Sorry guys and thanks for the help :-[

                          Thanks

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.