Squid & multi wan setup not working for hosts on a wan card
-
Hi all,
my pfsense box has 3 WANs used as a pool with load balancer, and squid running as transparent proxy running on the LAN interface. Now every site outside of the WANs subnets is reachable, but when I try to reach a site on a WAN connection (OPT2) I got an error message saying that the site is not reachable (error 61 - could not be online). I've verified from the console and the pfsense box can ping the host and the route shows the right path to reach it, as well as the host can reach the pfsense box. I've tried to reach it thru numerical ip, instaed of name, but nothing changes.
I've tried to add the domain to thos excluded from the cache management but the errore remains. The only way to change the error is to add the numeric ip to the Bypass proxy for these source IPs, doing this I got an error (not from squid but from the browser) saying that the site is not reachable.
It appears to me as if squid don't know how to reach the site. Moreover the error 61 seems to me related to a multi-proxy setup, but I've no forwarding of cache requests to my configuration.Any suggestion?
-
After trying a lot of configurations, I found that the router of the WAN was doing a port forwarding that was in conflict with the configuration of the network itself.
-
HI,
Did you resolve the issue with this one? because I having the same issue as well and I search the forum that squid is not working in pfsense 1.2.3 with Multi Wan setup.
-
Yes, I solved it, and it was caused by a misconfiguration of one of the wan router.
-
What is the correct configuration? you mean the squid works on multi WAN connection? because I tried different setup and I can't get the squid to work once the WAN failed and the WAN2 (opt1) take over the client unable to connect to internet unless you stopped the squid service.
So what changes did you make?
-
This is me too, I have the same problem
-
ok heres what i've tested… i have a multi wan pfsense in my network. I install squid in another computer and had its gateway pinting to the pfsense box. i went to google whats my ip search pages found out that my ip changes when i refresh the page. i think you guys can have another pfsense box and install with squid in your network and it might work.
LAN ---------->pfsense + Squid (transperent proxy) --------------------> pfsense + multi wan ----------------> the internet
i think you can label your pfsense+squid as kraken ^^