Passthrough webfiltering



  • Alright, so i'll start off by saying i have seen ALOT of great things about pfsense and i think its about time to take a dive into it… But my google-fu is weak for what i want to do, so let me explain my current network.

    Verizon FiOS router sits on the outside, i cant remove it b/c it connects to my cable boxes....From there i have my Sonicwall connected, my Sonicwall is NAT'd to the verizon router. From the sonicwall i have my private LAN network, and my guest Wifi network on 2 separate VLAN's.

    What i wish to accomplish is to keep my Sonicwall in place (preferably) but feed LAN from the sonicwall into say Port 1 of the pfsense device, filter out any ads/potentially dangerous files, then Port 2 connects back to my LAN network; idc about the guest network as they're only guests.

    Is this possible? I pretty much want to use it as a type of active passthrough device...if thats the proper word i want



  • You could set it up with just the one LAN interface as a pure Squid3/squidGuard/ClamAV web proxy.  No need for NAT.  Squid would have to be in explicit mode, so all your clients would have to be configured to use the proxy or you would have to setup WPAD for proxy auto-detection by your clients.


Log in to reply