Redirect to external proxy server

  • I recently purchased web content filtering service for my company from MessageLabs, and need to be able to redirect all web traffic from within my network to the MessageLabs proxy server which is in the cloud.  My FW guys are telling me that this is not possible using our pfsense fw which is running 1.2 RC1.  I know I can do this at the browser with a policy, but really wanted to "force" it at the fw.  Are my guys correct, and if so, is there anything I can do, short of replacing the fw, that will allow me to do this?

  • First off, get off the release candidate onto the final release.

    Secondly, there are a few ways of solving the problem.  Probably the simplest is to block any outbound traffic on 80 and 443 (yes, there are other ports, but if you're not blocking by default it's a good start) and allow traffic to the proxy.  Then simply tell people that they have to use the proxy.  You could also install Squid in transparent mode and configure MLabs as your upstream proxy (and you'd still have to block 443).

Log in to reply