Thanks for the reply. Yes, I am trying to redirect all http(s) traffic (while not interrupting any other traffic) to the proxy server on the OPT2 network to either transparently proxy or possibly authenticate users for http(s) access. I would like it to be transparent so the users will get content screening and not have to actually login, but that is optional at this point, and out-of-scope for this question.
All users on the LAN network have a series of "allowed ports" ie. FTP, HTTP, POP3, SMTP, VPN, and IM. All I am looking to accomplish is provide some content control with the proxying and URL filtering of 80 & 443 traffic ... nothing more. I would like for ALL of the other "allowed ports" to flow through the pfSense GW as designed by filter rules. I just need http(s) / 80 & 443 to be redirected to the OPT2 network to be picked up by the proxy server. Hope that helps to clarify for all ... Thanks in advance ... -- David L. Strout Engineering Systems Plus, LLC ----- Original Message ----- Subject: Re: [pfSense Support] SNAPSHOT_04-06-2006 ??'s From: [EMAIL PROTECTED] To: support@pfsense.com Date: 04-07-2006 2:58 pm > I probably don't fully understand what you're trying to do, but try a > Port Forward on the LAN interface and redirect all source to all dest > port 80 to the proxy port on the IPCop. Ditto for HTTPS, although I'm > not sure you can transparently proxy HTTPS. > > --Bill > > On 4/7/06, David Strout <[EMAIL PROTECTED]> wrote: > > Everyone, > > > > Some nice additions to this rel. .. KUDOS!! > > > > A question though on port redirecting ... > > > > Here is the setup: > > > > --> pfSense boxes acting as a contractor GW w/ > > LAN, WAN, OPT1(DMZ) and OPT2(PROXY) > > > > --> WAN is static (business DSL w/ 8 addresses) w/ > > global IP. > > --> LAN is private 192.168.100.0/128 > > --> OPT1 is private 10.1.1.0/24 > > --> OPT2 is private 10.1.2.0/24 > > > > --> OPT2 has an IPcop proxy server sitting on that > > network w/ two interfaces. I will eventually put > > one interface into the ISP network and grab a > > static from my "small"pool, but I want to make > > sure that I can accomplish what I have conceived > > before doing so. > > > > MY question: > > > > Is there a way to redirect all port 80 & 443 > > traffic coming in the LAN interface to the OPT2 > > interface to provide that all web traffic is > > monitored and accounted for. I would like to do > > this wo/ getting into the SSH shell and doing > > command line pf redirects. I was thinking and > > looking around at outbound NAT ... can I > > accomplish this with outbound NAT? > > > > If not is there any way of getting this done in > > the GUI wo/ having to do it through the shell? > > > > Are there any plans for pf redirects in the GUI in > > the foreseeable future? > > > > Thanks in advance ... !! > > -- > > David L. Strout > > Engineering Systems Plus, LLC > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]