Using External Squid Proxy server [SOLVED]



  • Hi all,

    I have read a lot of discussions on the topic of using external proxy server before I posted this one
    but still could not get this one to work. I have an SG-4860 (actually two, high availability) updated to
    the latest version 2.3. We have two ISP, one is used mainly by Desktop users for browsing, downloading etc.

    They request their IP addresses via DHCP and is given the default gateway address of a Debian Linux
    server with IP tables and Squid.

    The other one is used by servers, and are used by remote clients accessing our various web services.
    These servers use the PFSesnse FW as their default gateway.

    Debian Linux's WAN connection is provided by Roger's Cable (Canada) and has no cap.
    PFsesne WAN connection has a cap. So we want to offload anything we can to the Roger's pipe.

    Under Firewall / NAT / Port Forward, I added one rule:

    Interface: LAN
    Protocol: TCP
    Source: Any
    Destination Port Range: HTTP
    Redirect port range: 192.168.2.1 (Debian)
    Redirect target port: 3128

    When this rule is enabled, I can't browse on machines whose default gateway is the PFSense FW.

    Thank you.



  • Solved!

    Interface: LAN
    Protocol: TCP
    Source: Any
    Destination Port Range: HTTP
    Redirect port range: 192.168.2.1 (Debian)
    Redirect target port: 80


Log in to reply