Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    OpenVPN tunnel seems to break transparent proxy rule

    OpenVPN
    1
    1
    940
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vin0x64 last edited by

      Hi,

      I've a pfsense box doing a home router / firewall /squid + squid guard using transparent proxy rules.

      In addition to that I've set up an openvpn tunnel to a dedicated server on the internet. So my pfsense box is an openvpn client.

      When bringing the openvpn tunnel up I noticed that the proxy did not work anymore, indeed the automatic rdr rules get wiped out of the pf ruleset as shown below on the rules.debug files before and after the restart of the client.

      [2.1-RELEASE][root@pfsense]/tmp(46): diff rules.debug.ovpn rules.debug.tpok
      83a84,87

      Setup Squid proxy redirect

      rdr on bge1 proto tcp from any to !(bge1) port 80 -> 127.0.0.1 port 3128

      246a251,254

      Setup squid pass rules for proxy

      pass in quick on bge1 proto tcp from any to !(bge1) port 80 flags S/SA keep state
      pass in quick on bge1 proto tcp from any to !(bge1) port 3128 flags S/SA keep state

      After that I need to go back to squid setup and "save" to get back my rdr rules.

      Should I file a bug report or set thing up differently ?

      Vincent.

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy