Allowing certain internet traffic through pfsense without authentication



  • we use pfsense on our network with squid enabled so that it authenticates users internet access with a user name and password. we also block port 80 in the firewall LAN rules as we want all traffic to route through the proxy port 3120 which is what happens and then nobody can install Firefox or alternative browsers and bypass the proxy.

    however because windows automatic updates uses port 80 it doesn't seem to run. what i would like to know is if within either squid or pfsense is there anyway to modify it that any traffic that routes to the micrsoft update website or any other applications that can be configured to bypass or go thru the proxy automatically i.e. easyfile (RSA tax application) etc, to be ignored completley by the proxy or allowed through the proxy without authentication.


Log in to reply