Policy route internal host to external proxy?



  • Hi,

    I have an internal host which I need to route out through an external proxy. Unfortunately the device doesn't support a proxy configuration directly, so I need to force this in the network. How, generally, would I go about setting this up in pfSense?

    My firewall is super-simple. One WAN and one LAN interface. Nothing complicated in the rules. Block most inbound, allow most outbound. NAT the internal network behind the WAN IP. Running 2.1-Release.

    So far I have done this, and it neither works nor really seems like I'm going about it in the right way:

    1. Created two routes under System: Gateways for 0.0.0.0/1 and 128.0.0.0/1 (I don't see a way to create a route for 0/0) to the external proxy IP.

    2. In doing step 1, selected the "or add a new one" link to create a GW with the external proxy IP (I cannot go back and edit this, though; the system complains that the IP is not local to any interface).

    3. Created a firewall rule on the LAN interface with a source of the host in question, * port, * destination, * port, and the GW created in step 2 as the gateway. I am not using queues, so that's set to none.

    So the traffic isn't routing out to the proxy, and the logs there reflect that.

    In pfSense the firewall logs for the rule created in step 3 show the real destination for the traffic, not the proxy (I don't know if that's intentional or not). Also, under Diagnostics: Routes I don't have an entry for the routes I configured.

    Maybe I'm way off base; I appreciate any guidance.

