Redirect HTTP/HTTPS traffic to external Proxy with fail-thru

  • Hoping this is the correct forum for this question.

    I have a pfSense installation on a fairly low-end hardware platform (ALIX 2D.3). It's been working well for years. Super stable platform.

    I have a need at this particular location to roll out a proxy application that will proxy all web traffic (Squid-based). The proxy will run as a VM instance in our ESXi environment. The pfSense host doesn't have the horsepower to run Squid natively, and we don't want to mix the two anyway.

    I've been reading various forums and documentation, and it seems certain it is possible to redirect the traffic to the proxy and back out to the internet. However, any thoughts on a fail-open scenario should the firewall not be able to communicate with the proxy for any reason? If the proxy goes down for whatever reason, I'm looking for a scenario in which the firewall then continues forwarding traffic to and from the Internet without any intervention on my part.

    Thanks in advance.

    Best Regards,

