3. Squid Advanced Setup?

Squid Advanced Setup?

  • K

    Hello,

    I am going blind here been trying to find information on how to setup the Proxy using Squid. I need to filter HTTPS traffic and virtually everything and allow only a handful of websites. From what I understand (which :( I am realizing is much less than what I thought I knew) I cannot use Transparent mode.

    I have spent today reading and searching everything I can find on Google and trying to find info on the website here. I admit that my head is a bit crooked right now!

    What I am hoping someone can do is direct me to some good tutorial on how to set up Squid in non transparent mode. I have 3 interfaces…

    WAN - Internet

    LAN - Network

    OPT - not used

    I want to setup the proxy to allow gmail and a handful of white listed websites. If someone could please give me some good links on proxy server info and a tutorial to set up pfsense as a proxy using squid I would appreciate it.

    I would even be willing to write a document for this website if someone wants to point me in the right direction and give me some insight as I go.

    Again forgive me if what I am asking is redundant or overly simple, I am no longer able to think I have so much swimming in my head right now!

    Thank you,
    K

    0

  • To use non transparent proxy, you need to configure client browsers to use squid (firewall lan ip and port 3128)
    If you want, you can use wpad/pac configuration script and use all browsers with auto detect select

    On firewall, create a rule on lan allowing clients to access only squid port.

    0
  • K

    Thank you for your direction!

    I have successfully set up the proxy but now I can only access http traffic and after 3 hours of searching for an answer and reading several posts my mind is locking up again.

    Why can I hit http traffic but when I try gmail it locks up

    I have a lan rule that will allow access to 443 that is set by the auto config and i have tried to set a separate rule which will pass requests from pfsense on port 3128 to wan address on port 443 and I have tried to just set up any lan traffic to port 443 and I still cant access gmail when I am using the proxy. Any Ideas?

    Modification - I can be a bonehead sometimes, I didn't set firefox to use the same proxy settings. All is working, now I will need to figure out WPAD served from another internal server! Thank you for your help.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy