Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Allowing mobile devices through proxy [Squid + AD Auth + WPAD]

    pfSense Packages
    3
    4
    2.4k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      azkerm
      last edited by

      Hi There,

      Our pfsense serves the internet via Squid proxy + AD authentication while filtering HTTP/HTTPS access using Squidguard with WPAD enabled. So that users do not need to enter proxy manually as the WPAD functionality serves it. I've added two rules to block HTTP/HTTPS access on default ports to make sure users won't go to the internet without the automatic proxy.

      Now the problem is that, it effects mobile internet users too. Because, when I block HTTP (80) & HTTPS (143) default services by a rule it blocks all over. PC's have the capability to select auto detect proxy so that WPAD will serve while PC browser requests. If so, is there any solution which I can allow mobile users too; while blocking the direct http/https ports?

      1 Reply Last reply Reply Quote 0
      • D
        dig1234
        last edited by

        transparent proxy?

        1 Reply Last reply Reply Quote 0
        • C
          Cino
          last edited by

          iphone/ipad, you can use wpad but you have to enable it in the wifi setting for automatic… android, you have to manually set the proxy server in the dhcp/wifi setting... but i dont think https will work right...

          1 Reply Last reply Reply Quote 0
          • A
            azkerm
            last edited by

            Sorry for the long come back. Been busy with some works though.

            @dig1234:

            transparent proxy?

            Nope it is not transparent. Both HTTP/HTTPS are filtered & using WPAD for auto proxy.

            @Cino:

            iphone/ipad, you can use wpad but you have to enable it in the wifi setting for automatic… android, you have to manually set the proxy server in the dhcp/wifi setting... but i dont think https will work right...

            This is a pain. May be I should use some sort of captive portal on a different subnet. But then again it break the whole point of having a proxy in place. :(

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.