Netgate Discussion Forum

    Port sharing squid reverse proxy & openvpn

      stanthewizard

      Hello

      I've squid reverse proxy working on port 24443
      Nat & rule to have 443 passed to 127.0.0.1 on 2443
      Working well

      I want to have squid listening on 443 (apparently not allowed)
      open VPN listening on 443 (with this advanced setting: port-share 127.0.0.1 443)

      I'm unable to make it work …

      Can someone get me a solution?

      Thanks

        stanthewizard

        Found it

        Open vpn on port 443
        Nat https to https on localhost
        With advanced
        Port-share 127.0.0.1 4443

        Then

        Squid reverse proxy on 4443 for https

        Works

          uht

          Hello stanthewizard,

          I am trying to realize the same as you did but wasn't successful yet.
          Could you please describe your NAT settings in more detail?

          Thanks and regards

            stanthewizard

            You install openvpn
            with default parameter but listening on port 443
            then in advanced type this:
            Port-share 127.0.0.1 4443

            On NAT
            TCP/UDP * * your wan 443 (OpenVPN) 127.0.0.1 443 (OpenVPN)

            With squid reverse proxy listening on 4443 everything should be working

            If not
            give detail about your config

              uht

              Hi stanthewizard,
              thanks for your explanation. I got it up and running as described below.

              • installed OpenVPN with the Wizard to listen on the WAN interface, port 443, TCP, tun mode
              • in "Advanced" I inserted the following "port-share 192.168.0.1 4443"
              • and added a NAT Port Forward rule as following:

              | If | Proto | Src. addr | Src. ports | Dest. addr | Dest. ports | NAT IP | NAT Ports |
              | WAN | TCP | * | * | WAN address | 443(HTTPS) | 192.168.0.1 | 443(HTTPS) |

              • as expected, the firewall rule was created automatically, which is why the following rules are defined for the WAN interface:

              | ID | Proto | Source | Port | Destination | Port | Gateway | Queue | Schedule |
              | | IPv4 TCP | * | * | WAN address | 443(HTTPS) | * | none | |
              | | IPv4 TCP | * | * | 192.168.0.1 | 443(HTTPS) | * | none | |

              • squid3 reverse is listening on the WAN interface, port 4443

              In my case the IP "127.0.0.1" did not work. The problem was that the pfsense is located behind the ISP's router which forwards the port 443 to the pfsense box. Instead, I had to use the WAN interface's IP address "192.168.0.1" of my pfsense box.

              Thanks again.

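Why the setup in this thread lets OpenVPN and HTTPS share TCP 443, shown as an added example (not code from the thread, from OpenVPN, or from pfSense): a simplified Python model of the first-bytes test that decides whether a new connection stays with OpenVPN or is relayed to the `port-share` target. The function names and sample byte strings are constructed for illustration; the opcode values and the 14-byte minimum are assumptions taken from the OpenVPN wire protocol as I know it.

```python
import struct

# Assumed OpenVPN wire-protocol constants: the first payload byte carries the
# opcode in its high 5 bits and the key id in its low 3 bits.
P_OPCODE_SHIFT = 3
HARD_RESET_CLIENT_V2 = 7
HARD_RESET_CLIENT_V3 = 10
CLIENT_RESET_BYTES = {HARD_RESET_CLIENT_V2 << P_OPCODE_SHIFT,
                      HARD_RESET_CLIENT_V3 << P_OPCODE_SHIFT}
MIN_RESET_LEN = 14  # opcode(1) + session id(8) + ack count(1) + packet id(4)


def parse_port_share(directive):
    """Parse a 'port-share <host> <port>' line into (host, port)."""
    parts = directive.split()
    if len(parts) < 3 or parts[0] != "port-share":
        raise ValueError("not a port-share directive: %r" % directive)
    port = int(parts[2])
    if not 1 <= port <= 65535:
        raise ValueError("port out of range: %d" % port)
    return parts[1], port


def looks_like_openvpn(first_bytes):
    """True if the first bytes of a TCP stream can still be an OpenVPN client reset."""
    if len(first_bytes) < 2:
        return True  # too little data to rule OpenVPN out
    (length,) = struct.unpack("!H", first_bytes[:2])  # 16-bit TCP framing prefix
    if not MIN_RESET_LEN <= length <= 0xFF:
        return False  # a TLS record starts 0x16 0x03, far outside this range
    if len(first_bytes) >= 3:
        return first_bytes[2] in CLIENT_RESET_BYTES
    return True


def route(first_bytes, share_target):
    """Return ('openvpn', None) or ('port-share', (host, port))."""
    if looks_like_openvpn(first_bytes):
        return ("openvpn", None)
    return ("port-share", share_target)


# Constructed samples: an OpenVPN client hard reset and the start of a TLS ClientHello.
OPENVPN_RESET = bytes([0x00, 0x0E, 0x38]) + bytes(8) + b"\x00" + bytes(4)
TLS_CLIENT_HELLO = bytes.fromhex("1603010200010001fc0303")

if __name__ == "__main__":
    target = parse_port_share("port-share 192.168.0.1 4443")
    for name, data in (("openvpn", OPENVPN_RESET), ("https", TLS_CLIENT_HELLO)):
        print(name, "->", route(data, target))
```

Because the non-VPN connection is relayed by OpenVPN, the reverse proxy on 4443 sees the firewall's own address as the source, so its access logs and any source-based ACLs no longer reflect the real client.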
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.