Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Weird problem in squid guard - Partial access to the Internet

    Scheduled Pinned Locked Moved
    Cache/Proxy
    2
    14
    5.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • KOMK
      KOM
      last edited by

      Anything that silently intercepts an HTTPS session will trigger a browser Man in the Middle attack warning unless you have distributed the pfSense server certificate to all your clients.  You can avoid this by either installing the cert on every client PC, tablet, phone, etc etc, or stop using Transparent mode.

      1 Reply Last reply Reply Quote 0
      • F
        firefox
        last edited by

        Not clear to me
        how the other computers work correctly ?

        1 Reply Last reply Reply Quote 0
        • KOMK
          KOM
          last edited by

          If they were going to an HTTP site then it would work without any errors.  Where were these clients going when they did/didn't work right?

          1 Reply Last reply Reply Quote 0
          • F
            firefox
            last edited by

            Accesses the same sites - google.com, walla.co.il, ynet.co.il,
            I did not check more sites
            Because it's not my computer (do not have much access to it)
            It's my sister

            Update
            Two computers back to work correctly
            Only one causing problems (my sister computer)
            And there is not at all the sites

            1 Reply Last reply Reply Quote 0
            • KOMK
              KOM
              last edited by

              It could be that for the other computers, someone added the pfSense cert to the list of Trusted certificates.

              1 Reply Last reply Reply Quote 0
              • F
                firefox
                last edited by

                how can i check if certificates is pfsense ?

                two computer use ubuntu and firefox are ok
                one computer use win xp and crome or iexplorer not ok          <–-------- problem computer
                one computer use win7 and firefox is ok

                1 Reply Last reply Reply Quote 0
                • KOMK
                  KOM
                  last edited by

                  Run IE and go to Options - Content - Certificates.  Look for a cert from either pfSense or Electric Sheep Fencing (ESF).

                  1 Reply Last reply Reply Quote 0
                  • F
                    firefox
                    last edited by

                    I checked all computers (5 computers)

                    The certificate does not appear in any of them

                    1 Reply Last reply Reply Quote 0
                    • KOMK
                      KOM
                      last edited by

                      Well then, I don't know what to tell you.  You have one computer with a problem.  I doubt it's pfSense or Squid.  The one computer that has the problem is so old, it may not have the proper Root Certificate updates from Microsoft.  Chrome and IE share the same certificate store, whereas Firefox uses its own.  Try running Firefox on the XP box and see if that is any different.

                      1 Reply Last reply Reply Quote 0
                      • F
                        firefox
                        last edited by

                        Try running Firefox on the XP box and see if that is any different.

                        I'll try

                        Clarification
                        the computer is old old
                        the operating system is old

                        Update from yesterday
                        But it was already too late and I turned off my computer

                        The computer in question was one hour ahead

                        I set the computer time and date accurate
                        And now

                        Only two sites inaccessible
                        And show the same message as before

                        1 Reply Last reply Reply Quote 0
                        • First post
                          Last post