Squid3 - New GUI with sync, normal and reverse proxy
-
I need to bring this up again.
Is this package still broken and needing to assemble and download pieces from elsewhere not in the package itself?
When I go to Package Manager Console in my PFSENSE 2.1 RC1 I see Squid 3 BETA and the MORE INFO links direct to this post.
When will we be able to do a normal install of Squid 3 BETA from PFSENSE as with other packages?
-
Try Google like I said… This is an IIS property which is not controlled by any other Management console or powershell.
Hi Hobby-Student.
i tried this this already. Also a coworker has checked the IIS configuration. Nothing found. The problem only occur if the connection is forwared through the proxy. a direct-connection to the iis enabeld site works.
Best regards
Dave -
Hi Hobby-Student.
i tried this this already. Also a coworker has checked the IIS configuration. Nothing found. The problem only occur if the connection is forwared through the proxy. a direct-connection to the iis enabeld site works.
Best regards
DaveI do have a similar Setups. Exchange-Server (2007, 2010) behind pfsense with squid as reverse proxy. For me the only thing breaking attachments was the IIS default configuration.
Am I reading right, that attachments work through squid, except larger files? (you mentioned 8MB)
It's working from the outside,if squid is not active? (direct connection from the outside to the Exchange) -
Hi hobby-student,
thats right, if i create a nat rule for webmail.contoso.com, port 443 and forward it to the target address 192.168.0.10, owa works with large attachement
if i enable the reverse proxy (all enabled) i can only attach 1-2kb filesim using iis7 and iis8 in different setups.
-
Hi hobby-student,
thats right, if i create a nat rule for webmail.contoso.com, port 443 and forward it to the target address 192.168.0.10, owa works with large attachement
if i enable the reverse proxy (all enabled) i can only attach 1-2kb filesim using iis7 and iis8 in different setups.
that sounds weird… did you use something like
With the following command you can change the value (in this case 10MB): C:\Windows\System32\inetsrv\appcmd.exe set config -section:system.webServer/serverRuntime /uploadReadAheadSize:"10485760" /commit:apphost C:\Windows\System32\inetsrv\appcmd.exe set config "Default Web Site" -section:system.webServer/serverRuntime /uploadReadAheadSize:"10485760" /commit:apphost -
No, hobby-student, but i did some future investigations and my conclusion is: maybe a bug in IIS 8
i did the following tests
pfsense reverse proxy, behind an iis7 (server 2008r2) with exchange 2010 sp3 UR2: It works
pfsense reverse proxy, behind an iis8 (server 2012) with exchange 2010 sp3 UR2: It doesn't work with safari/firefox/chrome. No problems wih IE…. grrrso i think its not the pfsense....
-
No, hobby-student, but i did some future investigations and my conclusion is: maybe a bug in IIS 8
i did the following tests
pfsense reverse proxy, behind an iis7 (server 2008r2) with exchange 2010 sp3 UR2: It works
pfsense reverse proxy, behind an iis8 (server 2012) with exchange 2010 sp3 UR2: It doesn't work with safari/firefox/chrome. No problems wih IE…. grrrso i think its not the pfsense....
that's what i meant. it's an IIS thing… with non-IE Browsers it's invoking other stuff, so an IIS setting could be the problem.
-
-
I've added a new page to configure additional ports and added a configuration for client certificates.
I'm doing it on web servers page but I'll take a look on your code and see how can I merge it with my current uncommitted code.
Thanks for your code contribution. :)
Could you already take a look at my code changes? (https://github.com/TheNetStriker/pfsense-packages/commit/7d926f3d44cee817475c20bde44fe6471bab4ba7)
-
Squid3-dev has it's own forum topic.
I have looked for it… and I can't find it.
Could you please post a link to it here?
-
Hi, there is a mistake in the URL used for dynamic caching under Windows Update, this is the wrong line:
refresh_pattern -i my.windowsupdate.website.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
it should be
refresh_pattern -i windows.com/.*.(cab|exe|ms[i|u|f]|asf|wm[v|a]|dat|zip) 4320 80% 43200 reload-into-ims
-
Installed 3.3.10
Huge issue
OWA not working anymore
and mixed website
I reset the entire settings the more webserver and mappings I'm adding the messier it gets
-
-
I've just installed pfSense 2.1.1 and Transparent SSL is no longer working… The certificates squid provides are no longer trusted.
-
I've just installed pfSense 2.1.1 and Transparent SSL is no longer working… The certificates squid provides are no longer trusted.
I'm having the same problem with this.
It happened even before I updated to 2.1.1, the SSL filtering went off after I updated the Squid3-Dev yesterday.
Any fix? Thanks in advance!
-
Any fix for this? Bumping up thread…
thanks in advance!
-
https://forum.pfsense.org/index.php?topic=62256.msg407762#msg407762
-
Got it working again.
Here's what I did:
1. stopped squid
squid -k shutdown2. Cleared the squid cache
mv /var/squid/cache /var/squid/cachebu3. Regenerate it (takes some time to complete)
squid -z4. Rebooted the machine
5. Cleaned up a bit
rm -rf /var/squid/cachebuAt first, squid and squidguard does not want to start but after the cache were cleaned up and regenerated, everything's back to normal… I hope...
and yes, this addition worked a treat:
always_direct allow all
ssl_bump server-first all -
If you have squidGuard-squid3 you will need this patch also:
https://forum.pfsense.org/index.php?topic=73640.msg402286#msg402286
-
Thanks for pointing that out….
I'll wait for the official fix from the developer so I won't mess up a lot.
I'm happy that it's working for now until the next update happens...
Thanks a lot!
