Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setting up transparent proxy on LAN server

    Scheduled Pinned Locked Moved pfSense Packages
    2 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wscott
      last edited by

      I have a low-power pfsense 1.2.3 box with two interfaces LAN & WAN.
      I want to have a transparent squid proxy with a large disk cache that I can't put on the pfsense box itself so I set it up on a server on the LAN side.

      I want all outgoing WWW traffic from the LAN to be redirected to SERVER:3128 and then allow WWW traffic from SERVER to leave the LAN.

      I tried setting up a NAT port forward on the LAN side to redirect all traffic on LAN port 80 to SERVER:3128, but there didn't appear to be a way to
      allow port 80 traffic from SERVER (which is also on the LAN) to flow out to the WAN.

      I could install the squid proxy on pfsense and then use that port for the traffic from SERVER, but I am trying to avoid having the pfsense box do any more processing than needed.  Nor create a way for the proxy to be bypassed.

      What is the right way to do this?  Why isn't there a field in the DHCP protocol to just tell clients what http proxy to use they will use this by default?

      -Wayne

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        Have you tried searching the forum? There have been any number of threads on this, including this one.

        The standard for telling clients what proxy to use is called WPAD. It is trivial to set up and just about all modern browsers support it.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.