Squid with Lan1 > Wan1, Lan 2 > Wan2
-
It's working on 2.0.3, dual Wan (no failover, no load balancing).
Primary Lan goes through first Wan, other Lans use second Wan interface.
Squid (2.7.9 pkg v.4.3.3) and Squidguard (1.4_4 pkg v.1.9.5) packages installed. -
@rbt:
It's working on 2.0.3, dual Wan (no failover, no load balancing).
Primary Lan goes through first Wan, other Lans use second Wan interface.
Squid (2.7.9 pkg v.4.3.3) and Squidguard (1.4_4 pkg v.1.9.5) packages installed.How did you?
Just with squid custom options acl and tcp_outgoing_address?Edit : I'm using Squid3 (3.1.20 pkg 2.0.6), i will try to downgrade
-
How did you?
Just with squid custom options acl and tcp_outgoing_address?Yes, just as @rubic suggested.
Edit : I'm using Squid3 (3.1.20 pkg 2.0.6), i will try to downgrade
I'm running pfsense on virtual machine, so I'll make a snapshot and try to upgrade pfsense to 2.1 and after that squid to 3.x.
-
Downgraded to squid 2.7.9 pkg v.4.3.3,
it still not work :( Squid always use default gateway -
My Wan1 interface ip is : 10.0.0.100 (default gateway)
My Wan2 interface ip is : 192.168.1.100Even if i just set "tcp_outgoing_address 192.168.1.100;", squid use default gateway only (10.0.0.100).
There is maybe a outgoing rule to add?
-
Nobody has an idea to make policy routing with Squid? :-[
-
Just tested on 2.1.1-PRERELEASE/Squid 2.7.9. It's working.
Uncheck 'Disable X-Forward' and 'Disable VIA' on 'Proxy server: General settings', then open http://all-nettools.com/toolbox/proxy-test.php to make sure traffic not bypass squid for some reason.
The result must be: "Proxy server detected", "You came from…", "You came via..." -
Just tested on 2.1.1-PRERELEASE/Squid 2.7.9. It's working.
Uncheck 'Disable X-Forward' and 'Disable VIA' on 'Proxy server: General settings', then open http://all-nettools.com/toolbox/proxy-test.php to make sure traffic not bypass squid for some reason.
The result must be: "Proxy server detected", "You came from…", "You came via...""Disable X-Forward" and "Disable VIA" are already unchecked (default). Obviously it's don't work.
Here is the results :
You came from 172.16.0.2(172.16.0.2)
You came via 1.1 xxxx:3128 (squid/2.7.STABLE9)
Remote address 82.x.x.x.x (WAN1 Public IP)
Remote host 82.x.x.x (WAN1 Public IP)Remote addresses should be 109.x.x.x (WAN2 Public IP)
-
My Wan1 interface ip is : 10.0.0.100 (default gateway)
My Wan2 interface ip is : 192.168.1.100The problem may be that you have the same ip subnet on different interfaces (WAN2, LAN1). Do you?
-
My Wan1 interface ip is : 10.0.0.100 (default gateway)
My Wan2 interface ip is : 192.168.1.100The problem may be that you have the same ip subnet on different interfaces (WAN2, LAN1). Do you?
In fact, My LAN1 subnet is : 192.168.100.0/24, i put 192.168.1.0 in the scheme for example,
my apologies!So i have :
WAN1 : 10.0.0.100
WAN2 : 192.168.1.100
LAN1 : 192.168.100.1/24
LAN2 : 172.16.0.1/16Gateways :
GW1 : 10.0.0.200 (default)
GW2 : 192.168.1.200Squid custom options :
acl LAN1 src 192.168.100.0/24;
acl LAN2 src 172.16.0.0/16;
tcp_outgoing_address 10.0.0.100 LAN1;
tcp_outgoing_address 192.168.1.100 LAN2;"Disable X-Forward" and "Disable VIA" unchecked
If i do a tracert, everything is ok, LAN2 go out via WAN2.
If i check my public ip from LAN2 via website, it shows the WAN1 public IP instead of the WAN2. -
Sorry, I ran out of ideas. It just must be working. If you will share your config backup (with all the sensitive data deleted), I'll try to help you.
-
Ok, i will go back to Factory defaults, note what i setup and then send my config file (if it does not work!)
Thanks for ur help anyway -
Well, i made a factory reset and discovered my problem: i had a static route in 192.168.0.0/16 to a VPN Gateway. (so wan2 was in this static route! 192.168.1.100/24).
Deleted this static route and now, everything works like a charm :)
Thanks for your helpTopic SOLVED
-
how could i work around the problem, that my wan-ip changes every 24h?