WPAD and mobile users



  • I have recently installed the latest version of pfsense and I am a home user. I have configured separate vlans for mgmt, home lan and guest lan. I am wanting to provide appropriate content filtering functionality and have been messing around with squid3/squidguard for the last week. Unfortunately with the only option to filter https traffic being a MitM intrusion I am looking at implementing WPAD. However, I am wondering if this will work for mobile/device users of Android/iOS?

    Thanks



  • Since u alrdy using WPAD as u said u dont need to do MITM attack on ur network itself , 
    Just let wpad do the auto configuring Most PC's (windows/linux etc)  and for mobile users you notify them how to configure wifi

    Connect to wifi –-select - Modify -Proxy -(Manual) ---Rotuer IP and proxy port

    if you setup properly squid and squidguard you can filter HTTPS traffic like block youtube etc  ,



  • I haven't implemented WPAD just yet. I am looking into the possibility of doing so, but cannot find any information about iOS/Android devices supporting auto-configuration.



  • Hi, IOS supports auto-configuration (tested and works).
    For Android you need to enter the proxy information manually into the device as it does not have a auto-configuration option.



  • In the end will be a pain for all Android devices / users that want to use your wifi… I was on the same road like you to filter https and after first 4 mobile devices I disabled wpad, one of them did not had te option to enter proxy, other did not worked properly... ( now wait for pfblocker until it will replace squid with filtering by IP using available blocking lists.)