Pfsense and MSN-proxy

  • Hi list

    We're trying to setup this software called msn-proxy. This little piece of code does a good job at managing Windows Live Messenger connections and policy enforcement for that software.

    So, we have our machine with MSN-proxy installed on a server on our LAN. What we need is when connections from workstations try to go to the internet on port 1863 they get redirected to the msn-proxy machine (which is in the same network as the workstations) and then this machine (the msn-proxy) will forward the requests to the internet after logging and enforcing the policies. For obvious reasons we need to prevent the redirection taking effect when the packtes come from the proxy machine (looks to me like a no-nat rule for an specific address).

    What we tried till now? We tried to setup a NAT on the LAN interface saying that when a connection to port 1863 reaches pfsense it gets forwarded to the msn-proxy machine and then we tried to say (with no-nat rule) that pfsense should not redirect packets originating from the msn-proxy machine back to itself (thus creating a loop).

    Unfortunatelly, this setup is not working at all even though i can see packets reaching the msn-proxy machine coming from pfsense.

    Could anyone shed even a dim light on this matter ;)

    Thanks to all you…

  • I don't understand why your setup wouldn't work, but maybe there is another solution for the same goal. Have you looked at IMspector package for pfSense?

  • Yes, we did and we have IMSpector installed as a backup solution now. But since the people who are going to menage the system are not too much the tech-inclined types, MSN-Proxy would give them a more user-friendly experience. That's why we're looking into it instead of using IMSpector.

    As for the problem, all logic applied looks correct. We'll keep on testing. Thanks for your reply.

Log in to reply