Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Squid Reverse Proxy HTTPS Outside to HTTP Inside

    Cache/Proxy
    1
    1
    871
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • P
      paraffin last edited by

      Hi

      I am pretty new to pfSense but we are up and running and have been working through configuration quite well.

      I am implementing Squid Reverse Proxy at a site that only has 2 Public IP's and they want multiple services published behind this via HTTPS which is fine. The initial steps I have taken are

      1.) Add the correct SSL cert to pfSense in Cert Manager - Confirmed working
      2.) Created a NAT and Firewall Rule to from Port 443 to 127.0.0.1 Port 1433
      3.) Changed Squid Guard to listen on Loopback Adapter
      4.) Enable HTTPS on 1443
      5.) Added the Intermediate Cert for my CA
      6.) Setup Web Servers as follows: on  TST02  192.168.248.13  443  HTTPS
      7.) Setup Mappings with the url as an example webtest1.mydomain.com
      8.) Enabled Squid Guard

      This config works fine and I added a 2nd web server and that also worked fine.

      My question is if I need to load the SSL Cert on the pfSense I would rather not install it on all servers too as they are internal on a segregated network so HTTP is good with me.

      Is it possible with Squid Guard to have the WAN traffic come in on 443 and then switch it on the LAN to port 80?

      So far I tried just setting the port on the Web servers to port 80 and HTTP  (TST02  192.168.248.13  80  HTTP) but this did not work.

      Could this be because I have the Web GUI running on port 80?

      I will continue the trial and error but just wondered if anyone had any information that could help.

      Cheers
      David

      1 Reply Last reply Reply Quote 0
      • First post
        Last post

      Products

      • Platform Overview
      • TNSR
      • pfSense
      • Appliances

      Services

      • Training
      • Professional Services

      Support

      • Subscription Plans
      • Contact Support
      • Product Lifecycle
      • Documentation

      News

      • Media Coverage
      • Press
      • Events

      Resources

      • Blog
      • FAQ
      • Find a Partner
      • Resource Library
      • Security Information

      Company

      • About Us
      • Careers
      • Partners
      • Contact Us
      • Legal
      Our Mission

      We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

      Subscribe to our Newsletter

      Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

      © 2021 Rubicon Communications, LLC | Privacy Policy