Using a PAC file for Pfsense itself



  • Hi guys

    I've got a question with regard to setting pfsense proxy.
    This isn't for clients, but to allow pfsense to use an upstream proxy outside the network.
    From what I can see, pfsense allows you to enter a server address for this, but it doesn't seem to allow for a PAC file.  Is there anyway that I can get pfsense to use a PAC file?
    This is for a UK school network, so it sits behind a pseudo-public network provided by the county (on 10.x.x.x) and a PAC file is provided for clients to get out to the internet.

    Any help greatly appreciated!



  • I'm assuming that you need a proxy pac file to configure different rules/routes for specific target hosts for your clients. In this case you can install Squid on pfSense and do the same thing simply setting up a cache peer (upstream proxy) with rules to use access control lists with particular targets. Here's a short howto: http://serverfault.com/questions/198806/squid-selects-parent-depending-on-requested-url



  • Hi

    Thanks for responding.

    What I'm after is a way of putting a PAC file into pfsense so it uses it to talk the internet. This isn't for the clients, but for downloading packages into pfsense.



  • As far as I know this isn't possible. Why would you need a PAC file for simply downloading pfSense packages? They're all available via the internet anyway so you wouldn't need to selectively change the route out to pick them up. If you have a proxy defined for getting out to the internet then simply enter it in the proxy forwarder settings and you should be good.



  • Hi

    The proxy PAC file is provided by the filtering service provided to the school and nothing owrks without it.
    However, I may now have a way past this as I'm being sent a fixed proxy IP and port which pfSense will take.

    Thanks for respodning & trying to help.


Log in to reply