Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid: Can't access https!

    Scheduled Pinned Locked Moved pfSense Packages
    6 Posts 3 Posters 7.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rexis
      last edited by

      I have a pfsense box with squid package.

      The squid is configured to use an upstream proxy.

      The only internet connection is via the proxy(company policy), and nothing else.

      So I have configured my browser to have this proxy(LAN IP), and with port 3128.

      Normal http is working fine, but I am unable to get into any email website(https).

      Anyone can shed some light?


      I check and see that the squid.conf have all the SSL ports defined. Is this a problem came from PfSense? Or is caused by the upstream 8080 proxy?

      nix noob

      1 Reply Last reply Reply Quote 0
      • M
        mhab12
        last edited by

        Does it work if you take pfSense out of the equation?  Just connect the workstation to the LAN and set it to use the required proxy server.  Can you get to HTTPS sites through this setup?

        1 Reply Last reply Reply Quote 0
        • R
          rexis
          last edited by

          Yes, that was the setup all this while. HTTPS traffic stop flowing after the PfSense + Squid is added in between.

          I have tried to put the PfSense + Squid box directly to a modem and everything works, http and https. So its more likely its the upstream proxy server isn't talking SSL properly with my squidy(or I didn't set the proper settings for squid as a down streamer).

          Anybody has been dealing with Squid + ISA Server as upstream?

          nix noob

          1 Reply Last reply Reply Quote 0
          • M
            mhab12
            last edited by

            Try taking out the upstream proxy configuration.  Won't ISA pick up the traffic transparently just like a transparent squid installation would?

            1 Reply Last reply Reply Quote 0
            • R
              rexis
              last edited by

              Here is my upstreams:
              User –-> Squid ---> ISA #1 ---> ISA #2 ---> Internet

              I have tried to directly connect to ISA #1 without setting browser proxy and found that I am having the same issue(http ok, https time out), am now banging my head on the ISA box now.

              I have also tried the following setting:
              User ---> Squid ---> ISA ---> Internet
              http ok
              https timeout

              nix noob

              1 Reply Last reply Reply Quote 0
              • X
                xeneize
                last edited by

                Hello. Are you sure that in the firewall, in the lan tab is enabled the port 443 (https)?. Sorry for my english.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.