Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can pfsense detect users that trying bypass internet firewall by proxy??

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • D
      drvirus
      last edited by

      hi all ,

      im wondersing if pefsense cababilities:

      Q1
      can detect people that try to bypass pfsense rules by using  proxy:ip in their explorers ?

      can pfsesne detect that traffic ?

      assume that facebook is forbiddend , and somebody used proxyio:port in his browser ,
      can pfsesne detect him ???

      Q2- can pfsens control the https traffic ?
      as an example if i want to deny https facebook , https google and allow other https
      is that available on pfsense ?

      regards

      1 Reply Last reply Reply Quote 0
      • O
        onlineph
        last edited by

        I am also eager to know this so, I am following this thread.

        Anyone for the experts please?

        And how to block those proxies too? Can the Snort do the blocking?

        1 Reply Last reply Reply Quote 0
        • D
          drvirus
          last edited by

          @onlineph:

          I am also eager to know this so, I am following this thread.

          Anyone for the experts please?

          And how to block those proxies too? Can the Snort do the blocking?

          me too still waiting ! :o :o :o

          1 Reply Last reply Reply Quote 0
          • O
            onlineph
            last edited by

            I'm on the watch and hoping experts to give a view and how to's on this topic.

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              I'm no expert but here is what I think.

              pfSense does not have any built-in tamper detection that I am aware of other than IDS like snort or suricata.  You must use other tools to enforce the use of the proxy, such as firewall rules, domain policy, WPAD policy etc.

              HTTPS proxy support requires SSL certificates to be installed or manual proxy configuration on each client, but it can be done.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.