Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Using External Squid Proxy server [SOLVED]

    Scheduled Pinned Locked Moved NAT
    2 Posts 1 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      m3tatr0n
      last edited by

      Hi all,

      I have read a lot of discussions on the topic of using external proxy server before I posted this one
      but still could not get this one to work. I have an SG-4860 (actually two, high availability) updated to
      the latest version 2.3. We have two ISP, one is used mainly by Desktop users for browsing, downloading etc.

      They request their IP addresses via DHCP and is given the default gateway address of a Debian Linux
      server with IP tables and Squid.

      The other one is used by servers, and are used by remote clients accessing our various web services.
      These servers use the PFSesnse FW as their default gateway.

      Debian Linux's WAN connection is provided by Roger's Cable (Canada) and has no cap.
      PFsesne WAN connection has a cap. So we want to offload anything we can to the Roger's pipe.

      Under Firewall / NAT / Port Forward, I added one rule:

      Interface: LAN
      Protocol: TCP
      Source: Any
      Destination Port Range: HTTP
      Redirect port range: 192.168.2.1 (Debian)
      Redirect target port: 3128

      When this rule is enabled, I can't browse on machines whose default gateway is the PFSense FW.

      Thank you.

      1 Reply Last reply Reply Quote 0
      • M
        m3tatr0n
        last edited by

        Solved!

        Interface: LAN
        Protocol: TCP
        Source: Any
        Destination Port Range: HTTP
        Redirect port range: 192.168.2.1 (Debian)
        Redirect target port: 80

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.