Squid3 Reverse Proxy not working



  • Hi Folks,

    I know the title seems a little far reaching but it's the best I can come up with for a description.

    I've been using pfSense now for over a year without any major issues at all. I was using squid3's Reverse Proxy to publish my website, owncloud and Zimbra servers without much incident but since the upgrade to 2.2 reverse proxy just stopped working.

    Now from what I can see squid is still listening for the hostnames and from what I can see it is still trying to route the traffic to the correct internal webserver but I just can't get the pages to load externally.

    My question is two fold I suppose :

    1. Is there a known issue since the 2.2 pfSense update
    2. how do I completely reset the squid3 configuration - if I just uninstall and reinstall the previous config gets loaded backup. How do I uninstall and remove the previous config so I can reinstall Squid clean.

    Cheers,
    TQ



  • right I should have just researched a bit more in the forums. I found this post https://forum.pfsense.org/index.php?topic=87280.0 which details an issue with the 2.2 update where it looks like Squid can't get a lock on the "All Mighty" Reserved ports.

    So to workaround this a NAT Policy is needed to route port 80 traffic from the WAN ADDRESS and NAT TO 127.0.0.1 listening on the same port that squid is configured to (In my case I chose 8081)

    then in squid Reverse Proxy configure it to listen on Localhost and enable the reverse proxy for HTTP on port 8081.

    Configure your webservers and your mappings and all is good.

    :)



  • Hi I did exactly what you told but it isn't working, when I try to access the webservers squid returns with an error "The requested URL couldn't be retrived"

    I don't know what more to do!!

    Thanks!



  • Thanks for pointing me in the right direction laoistom. One additional thing to mention when using this config is that you need to ensure the Reverse Proxy is bound to the loopback address as well as WAN and any other interfaces you need. Mine was originally just set to WAN in the Squid Reverse proxy General Settings but adding loopback made this solution work.

    Hope this helps fneto.



  • Can anypost pics of there config I cant seem to get it working.

    I've tired just about everything


Log in to reply