Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Squid3 Reverse Proxy - HTTPS

    Scheduled Pinned Locked Moved Cache/Proxy
    2 Posts 2 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jvantslot
      last edited by

      I'm having some difficulty getting a reverse proxy setup with Squid3.

      Seem that the HTTP reverse proxy is working properly, but the HTTPS is not.

      I've followed this turorial: https://onedrive.live.com/view.aspx?resid=82488EABA4ACDB15!2298&app=Word&authkey=!ABHZlUvWn0BwW34
      and modified the following system tunables:

      • net.inet.ip.portrange.first = 0

      • net.inet.ip.portrange.reservedhigh = 0

      To work around the error messages complaining about ports 80 and 443 being below 1024.

      I've got two web servers configured:

      web.example.com and mail.example.com

      When I connect to my single WAN interface using http://web.example.com everything seems to be working fine.

      When I connect to https://web.example.com or https://mail.example.com I seem to be redirected to the pfSense Admin interface on port 443.

      Any hint at what I should modify to get https reverse proxy to work properly?

      Thanks for any help!

      james

      1 Reply Last reply Reply Quote 0
      • J
        jbcrouigneau
        last edited by

        Hello,

        I had both HTTP and HTTPS servers behind squid reverse proxy. All was working well until a few days ago.
        Suddenly, HTTPS stopped working, redirecting to pfsense login page.
        Tried to reboot, upgrade to last version, but still blocking…

        Any hint ?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.