Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Can pfsense detect users that trying bypass internet firewall by proxy??

    General pfSense Questions
    3
    5
    979
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      drvirus last edited by

      hi all ,

      im wondersing if pefsense cababilities:

      Q1
      can detect people that try to bypass pfsense rules by using  proxy:ip in their explorers ?

      can pfsesne detect that traffic ?

      assume that facebook is forbiddend , and somebody used proxyio:port in his browser ,
      can pfsesne detect him ???

      Q2- can pfsens control the https traffic ?
      as an example if i want to deny https facebook , https google and allow other https
      is that available on pfsense ?

      regards

      1 Reply Last reply Reply Quote 0
      • O
        onlineph last edited by

        I am also eager to know this so, I am following this thread.

        Anyone for the experts please?

        And how to block those proxies too? Can the Snort do the blocking?

        1 Reply Last reply Reply Quote 0
        • D
          drvirus last edited by

          @onlineph:

          I am also eager to know this so, I am following this thread.

          Anyone for the experts please?

          And how to block those proxies too? Can the Snort do the blocking?

          me too still waiting ! :o :o :o

          1 Reply Last reply Reply Quote 0
          • O
            onlineph last edited by

            I'm on the watch and hoping experts to give a view and how to's on this topic.

            1 Reply Last reply Reply Quote 0
            • KOM
              KOM last edited by

              I'm no expert but here is what I think.

              pfSense does not have any built-in tamper detection that I am aware of other than IDS like snort or suricata.  You must use other tools to enforce the use of the proxy, such as firewall rules, domain policy, WPAD policy etc.

              HTTPS proxy support requires SSL certificates to be installed or manual proxy configuration on each client, but it can be done.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post

              Products

              • Platform Overview
              • TNSR
              • pfSense Plus
              • Appliances

              Services

              • Training
              • Professional Services

              Support

              • Subscription Plans
              • Contact Support
              • Product Lifecycle
              • Documentation

              News

              • Media Coverage
              • Press
              • Events

              Resources

              • Blog
              • FAQ
              • Find a Partner
              • Resource Library
              • Security Information

              Company

              • About Us
              • Careers
              • Partners
              • Contact Us
              • Legal
              Our Mission

              We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

              Subscribe to our Newsletter

              Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

              © 2021 Rubicon Communications, LLC | Privacy Policy