Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxy blocked by firewall

    Scheduled Pinned Locked Moved Firewalling
    7 Posts 2 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      christooss
      last edited by

      I have installed squid as proxy at my pfsense machine now I'm having problems with connecting to it. I want to do following setting

      NoneLocal Computer –-> proxy ----> web pages

      Any ideas. Do I have to create NAT rule? I don't know how to manage this problem.

      Thanks for the anwsers

      1 Reply Last reply Reply Quote 0
      • Cry HavokC Offline
        Cry Havok
        last edited by

        Where is the proxy - do you have a rule on allowing traffic:

        a) From the computer to the proxy
        b) From the proxy to the Internet

        1 Reply Last reply Reply Quote 0
        • C Offline
          christooss
          last edited by

          I have installed squid and it is setup to port 3128 (default one)

          than I created rule to forward port 3128 to localhost (on pfsense)

          I don't know what is the right way.

          Which rules do I have to apply to NAT?

          3128 –- > ? So I have to do 3128 (xxx.xxx.xxx.xxx ip) --> bounce ---> 80 to outer world? how :)

          do I have to forward port 3128 to port 80? To which IP? 192.168.1.1 which is IP if my pfsense machine or to 127.0.0.1 as in localhost?

          1 Reply Last reply Reply Quote 0
          • Cry HavokC Offline
            Cry Havok
            last edited by

            You don't have to create any NAT rules, indeed they may cause you problems.

            Just ensure that you don't block traffic to port 3128/TCP on the LAN interface.  At that point you should be able to connect to the proxy without problems.

            1 Reply Last reply Reply Quote 0
            • C Offline
              christooss
              last edited by

              Nothing is getting blocked. Thing is that Im having no problems connecting to proxy through LAN. But connection from noLAN computer gets blocked.

              1 Reply Last reply Reply Quote 0
              • Cry HavokC Offline
                Cry Havok
                last edited by

                Ok, so you want a device on the WAN to be able to connect to the proxy?

                1. Select both WAN and LAN in the Squid interfaces list (in the Squid config pages) (and select how you want to restrict access - via authentication or IP ranges)
                2. Create a rule on the WAN interface allowing traffic to reach the WAN IP on port 3128/TCP
                1 Reply Last reply Reply Quote 0
                • C Offline
                  christooss
                  last edited by

                  Thanks its working.

                  The problem was that WAN LAN selection. I didn't think about it :)

                  Thanks again

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.