New HOWTO: pfSense Squid Web Proxy with multi-WAN links (it works!)
-
good day pfmasters, i would like to ask if this work on multi-wan fail over?
ive tested squid with multi wan
wan for browsing
opt for others
when squid is on transparent mode, when wan is disconected and failback to opt interface, i cannot browse but when im on non transparent failover works perfect -
Please help me, I can't file access: http://securite-ti.com/pfSense_Web_Proxy_with_multi-WAN_links.pdf
-
Hello,
Thanks for this. Unfortunately it is not working for me.. Here is the issue.. the failover is working fine, i unplug the primary and a few seconds later I am pinging out to the internet. Browsing does not work and here is why:
Under System, Routing, I have 2 Gateways.. the Primary gateway has Default Gateway checked.. so when it goes down the default gateway goes away.. so Squid cannot route out to fetch these pages. So, is there a way for me to setup some weighted routes so squid (and the pfsense firewall) can route out in case the primary connection goes down?
-
@ermal: i've found that when binding squid to localhost only causes traffic from lan not to go through the proxy … should any other redirect rules be implement when running it your way ?
@zzajdica: the floating rules are there to push http traffic to the correct gateway ... check if your floating rules correspond with the ones in this how-to and let us know if that helped
-
Hi!
Thanks for the docs! I'm having some issues also.
1. Following the guides you made, it's working! really! but after few seconds the squid is starting to fail then all connection are totally blocked by squid.
- maybe it's on squid
2. In this mode, while the tier 1 is down. The pfsense itself doesn't have internet connection (im not sure how to say it)
- can't ping any host or even check for updates.
- **but as long as all workstations does have connection and forwarders are working i think i can live with this.I really appreciate what you made!!
I'm Hoping you can help us!!Thank yoU!!!
-
Hi!!
After following those guides, it does gives me interest to study pfsense deeply.
I'm running pfsense 2.0 RC2 (updated) squid + wan failover that for me is working. Just did it TODAY.
I did not set or use any rules (as in no rules are being used.)
I still need to monitor this over the weekend. I'd be happy to share it with you guys if this one works with my needs.
Like port forwarders and carp/pfsync.THank you for giving me encouragement!!
-
My floating rule is set. I also tried upgrading to the newest snapshot but it did not help. Please see attached for my settings. Thanks!
-
Edit the floating rule so that the interfaces and direction are also visible in the screenshots. That's the most important info there aside from what you've shown.
-
-
Check "quick" on that rule.
-
Tried that didn't work
-
duplicate the floating rule you made for http traffic, then modify it for dns (proto tcp/udp / port dns=53)
-
All ways not work.
we need standard way work with all , not for one.
very bad. -
Thanks Heper but that also did not work. I'm going to be deploying this later on with a different network (Right now I am just testing) with DNS servers on the LAN so maybe I'll have better luck in that environment. I'll post back as soon as this happens.
Many thanks.
-
Hi you guys, any one have the document ? i cant get it from the url posted.
thanks in advanced.
Regards
-
Hi you guys, any one have the document ? i cant get it from the url posted.
thanks in advanced.
Regards
Solved, the link was down till now.
Thanks
-
Still couldn't get it to work.. failover works great if I don't have Squid running.
-
We need LoadBalancing and FailOVER! squid guys working faster please!
-
@DimitriS
Did you tested this setup in case of loadbalancing?
After my test it perfectly works in case of failover, but not when I set up loadbalancing between two gateways..
I tried to bind squid to loopback and LAN and only loopback, and works well only when gateways sets in failover.Michael
-
I agree with mbedyn, failover works but not loadbalancing.