[pfSense Support] embedded pfsense and external squid ... how?
hi all, i have a working pfsense setup on a soekris i've also have got a squid server in my dmz and would like to transparently redirect all http traffic to this external squid instance. is this possible without getting into some serious loops? cheers charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
In pfSense's DHCP Server config, put the squid's server up address as the gateway. lartc escreveu: hi all, i have a working pfsense setup on a soekris i've also have got a squid server in my dmz and would like to transparently redirect all http traffic to this external squid instance. is this possible without getting into some serious loops? cheers charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
On Fri, 2008-11-14 at 14:52 +0100, Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. hi angelo, thanks :-) charles -- simplified chinese is not nearly as easy as they would have you believe ... a superlative oxymoron --anonymous - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
Angelo, not joking, not crazy... Before having squid installed in the pfSense box, there was an IPCop Proxy with a direct connect to the web (2 lan cards, one green, other red). To make the clients pass that server (in transparent mode), I used it as gateway in DHCP config, and it worked all the time... ??? lartc escreveu: On Fri, 2008-11-14 at 14:52 +0100, Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. hi angelo, thanks :-) charles - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
Important point of note, you cannot transparently redirect SSL encrypted traffic to squid for caching. Squid can't look inside an SSL tunnel and so the connections will simply break. Otherwise, Angelo's correct, this is the way to transparently redirect to an external squid box. Angelo Turetta wrote: David Meireles wrote: In pfSense's DHCP Server config, put the squid's server up address as the gateway. David, you are either joking, or crazy... :) LARTC, Add a redirect on LAN interface from LAN to any port 80, internal address proxy. If you need 443 (or 8080), create an alias and use that inthe redirect rule. Remember to pass traffic from the proxy to the internet (on DMZ) Angelo. - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org !DSPAM:491d944715801475114737! - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
Re: [pfSense Support] embedded pfsense and external squid ... how?
On Fri, Nov 14, 2008 at 9:03 AM, David Meireles [EMAIL PROTECTED] wrote: Angelo, not joking, not crazy... Before having squid installed in the pfSense box, there was an IPCop Proxy with a direct connect to the web (2 lan cards, one green, other red). To make the clients pass that server (in transparent mode), I used it as gateway in DHCP config, and it worked all the time... I'm guessing the IPCop redirects port 80 to it's local squid instance. If your squid is setup this way, then yes, this would work. I can only guess at the original posters configuration, but it's likely not setup to do that. Squid is probably running on it's default 3128 port and expecting to be used as a proxy and is using pfSense to do the redirection. --Bill - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Commercial support available - https://portal.pfsense.org
