• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Squid Proxy Authentication

Scheduled Pinned Locked Moved pfSense Packages
3 Posts 2 Posters 2.5k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • G
    grimmy
    last edited by Apr 7, 2011, 7:21 PM

    Hey guys,

    I have a general question, I recently setup a PFSense box for my home network. I am currently trying to setup a proxy using Squid for my optional network. My setup is below

    WAN –--> DHCP
    LAN -----> 10.0.1.X
    OPT -----> 10.0.2.X

    I have currently configured both the LAN and OPT network to use the WAN for internet. My question is; is it possible to setup a proxy using squid that would require users on the OPT network to enter a username and password to access the internet? Its a pretty basic network without any server so I don't have anything for LDAP. Does Squid provide a option to setup usernames and passwords for access? Is it possible to have full access to the internet on the LAN and require a username and password on the OPT side at the same time?

    I have tried to point squid to run over the OPT network and turned on "local" for the authentication. When I do this any user can still get out without being prompted for a username and password. Is there a setting I need to apply under Firewall or Rules so it looks to this proxy? Thanks for your help everyone.

    1 Reply Last reply Reply Quote 0
    • G
      grimmy
      last edited by Apr 7, 2011, 8:10 PM

      Nevermind, figured it out.

      You have to setup the clients to use a proxy if your not using transparency. If you use transparency you cannot use authentication.

      1 Reply Last reply Reply Quote 0
      • M
        mhab12
        last edited by Apr 7, 2011, 10:04 PM

        We do a setup just like this using the captive portal.  We allow access to only whitelisted URLs on our LAN (10.21.1.0/24) and open internet once authenticated through the captive portal on OPT1 (192.168.1.0/24).  We manually list out the OPT1 IPs in the 'do not filter' box in the Squid GUI and it accomplishes exactly why you describe.

        1 Reply Last reply Reply Quote 0
        3 out of 3
        • First post
          3/3
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
          This community forum collects and processes your personal information.
          consent.not_received