3. SQUID on DUAL WAN only use DEFAULT

SQUID on DUAL WAN only use DEFAULT

  • M

    I have 2 WANs (using a Gateway Group) and used separately (for some requests I use the Group to go outside and for some other requests I need to use one WAN or the other).

    The fact is when I configure the SQUID it uses ONLY the default gateway to go outside, I cannot use the firewall->rules to define the way the packages use to go outside. If I remove the package the rules work well.

    Any idea of what I need to do or configure to make it work?

    Thanks

    0

  • Are you using pfsense 2.0?

    0
  • M

    Sorry, yes PFSense 2-RELEASE

    0
  • M

    I'm going to be headed down this road once I upgrade.  Please let us know if you get it working.

    0

  • translating from felipeortega post: http://forum.pfsense.org/index.php/topic,37776.0.html

    After gateway balance/ failover configured at your pfsense box,

    create this rule at floating:

    Action: Pass
    Interface: Select both Wans
    Direction: Out
    Source: any
    Destination: any
    Destination port range: 80 or squid port
    Gateway: Select LoadBalance gateway you created

    go to Firewall>NAT->Outbound
    Select Manual Outbound and save
    create one outbound rule for each wan with
    Protocol= any
    Source= any
    Destination= any
    Translation  = Interface address

    at squid add this to:
    Select lan and loopback to listen on

    at custom options:
    tcp_outgoing_address 127.0.0.1 all;#(all in this case is your acl)

    0
  • M

    Marcello, I read the FelipeOrtega post too, and I promises that I'll try it on Monday. But I'm thinking that my problem is different, is not related to LoadBalancing that work well, but to push the outgoing packages to different gateways using Squid.
    On my mind (please someone correct me if I'm wrong), the things are:

    <my request="">->LAN (in) Rules->Squid->Floating (out) Rules->Outside

    For that your rules seems to work, my doubt is, when the <my request="">arrives to the WAN Rules, it comes from my-lan-address or from 127.0.0.1 (Squid)?????

    Again I'll make some tests on Monday and I'll let you (all) know.

    Thanks,</my></my>

    0
  • D

    @mack:

    <my request="">->LAN (in) Rules->Squid->Floating (out) Rules->Outside

    For that your rules seems to work, my doubt is, when the <my request="">arrives to the WAN Rules, it comes from my-lan-address or from 127.0.0.1 (Squid)?????</my></my>

    I can answer you <your request="">will come from Squid. That's the way proxy work.</your>

    0
  • N

    Yes, you have to balance the web traffic from the localhost instead of the traffic for you lan clients.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy