3. Setting up transparent proxy on LAN server

Setting up transparent proxy on LAN server

  • W

    I have a low-power pfsense 1.2.3 box with two interfaces LAN & WAN.
    I want to have a transparent squid proxy with a large disk cache that I can't put on the pfsense box itself so I set it up on a server on the LAN side.

    I want all outgoing WWW traffic from the LAN to be redirected to SERVER:3128 and then allow WWW traffic from SERVER to leave the LAN.

    I tried setting up a NAT port forward on the LAN side to redirect all traffic on LAN port 80 to SERVER:3128, but there didn't appear to be a way to
    allow port 80 traffic from SERVER (which is also on the LAN) to flow out to the WAN.

    I could install the squid proxy on pfsense and then use that port for the traffic from SERVER, but I am trying to avoid having the pfsense box do any more processing than needed.  Nor create a way for the proxy to be bypassed.

    What is the right way to do this?  Why isn't there a field in the DHCP protocol to just tell clients what http proxy to use they will use this by default?

    -Wayne

    0
  • C

    Have you tried searching the forum? There have been any number of threads on this, including this one.

    The standard for telling clients what proxy to use is called WPAD. It is trivial to set up and just about all modern browsers support it.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy