Transparant squid -> no DNS
I've always used a non-transparant setup but wanted to switch so users don't require a specific setup before they can use http.
When I direct traffic in the browser "manually" through the proxy (like before), all works fine.
When I set the browser to autodetect the settings, sites won't come up, unless I try to access them through their IP address.
I also tried to configure the clients through wpad with this instruction: http://doc.pfsense.org/index.php/WPAD_Autoconfigure_for_Squid but I have the same problem.
It seems obvious that there is a DNS problem but I can't figure out why because when 'forced' to use the proxy, the browser resolves the DNS requests without a problem
mhab12 last edited by
Do you have both the 'transparent proxy' and 'allow users on interface' boxes checked?
Allow users on interface : check
Transparent proxy: check
On the same computer:
Firefox: forced to use the proxy in browser settings –> no problem
IE: automatically detect -> only possible to browse IP sites, URL doesn't resolve
I'm able to access the wpad.dat, wpad.da,... files through the webbrowser browsing: wpad.domain.com/wpad.dat
I just entered: http://wpad.domain.com/wpad.dat in the "use configuration script" and after that, I'm able to browse.
But when using the "automatically detect" setting (the one I would like to use) I still get no DNS resolving.
mhab12 last edited by
Auto detect is for the wpad stuff only. To utilize 'transparent', no autoconfigure is required. It is truly transparent to the unsophisticated end user. Boot the computer and browse. You can check if Squid is working by visiting http://www.whatismyip.com/ and look for a refence to Squid.
TailWagsTheDog last edited by
If you do want to use auto-detect though and IE refuses to play ball I've often found it to be one of two things…
If you configured your wpad using DNS (and not DHCP) then make sure you've used an A record for the wpad entry, and not a CNAME. For some reason IE doesn't like CNAME's....
(Make sure you've tested you're WPAD.DAT file using something free like pactester etc. so you know your WPAD.DAT is valid).