We have pfSense installed at 3 sites. The IPsec tunnel is set up and working just fine. All users can get to the internal sites fine. We are using Squid and everyone can reach most of the outside sites just fine. We have one site where the users can't reach Hotmail and childplus.net. I can't find any other sites that are blocked. I can ping both sites from the WAN interface but the computers can't get to them.
At that site the setup is WAN 10.0.12.X, proxied to a public IP address by the ISP, and LAN is 192.168.5.x, gw 192.168.5.1, DNS server 192.168.5.1 with DNS forwarder on. Squid is set to never cache those two sites and both sites' IP addresses are whitelisted. And it didn't work before the never-cache or the whitelisting either. Anybody have any ideas? The last thing I tried was removing pf scrubbing. I'm looking for a lead to what I am missing or a direct answer, and I don't care if it is "you dummy, why didn't you check this box"; I just need some answers.
OK, I figured it out. And it was real stupid when I thought about it. I was bypassing Squid for HTTPS to these two sites, so I needed an outbound NAT for HTTPS to these sites. Thanks for reading.