Try this: Add a portforward at interface LAN, external adress any (not interface adress), protocol TCP, external port range 80, NAT IP proxy at OPTx, local port 80. Save, apply.
Hope, it works, Martin -----Ursprüngliche Nachricht----- Von: Mike Lever [mailto:[EMAIL PROTECTED] Gesendet: Sonntag, 11. Mai 2008 21:57 An: support@pfsense.com Betreff: RE: [pfSense Support] Where do I put squid ? Thaks David ! Bear in mind that I am using it as a transparent proxy. Surely I must set some rules on the firewall to route all http traffic to the squid box and back to the pfsense box ? Mike Lever Tenacity Films (Pty) Ltd t/a Velocity Films (t) +2711-807-0100 (f) +2711-807-1208 -----Original Message----- From: "David Meireles" <[EMAIL PROTECTED]> To: support@pfsense.com Sent: 08-05-11 21:27 Subject: RE: [pfSense Support] Where do I put squid ? Ok, on the DHCP Server you have as gateway the squid server, and the squid server will have as gateway the pfsense IP (that way you won't need to have 2 interfaces on the squid server, since it's all in the same subnet). About the rules, use only the squid server to apply the squid rules, and the rest, leave it on the pfsense (port blocking and stuff). Dom, 2008-05-11 s 21:19 +0200, Mike Lever escreveu: > Done that, but where I was battling was setting IP addresses on the pfsense > interface (the squid is static) what do I set as the ip address and gateway ? > Also how do I configure the firewall rules ? > > Any ideas there ? > > Mike Lever > > Tenacity Films (Pty) Ltd > t/a Velocity Films > (t) +2711-807-0100 > (f) +2711-807-1208 > > > -----Original Message----- > From: "David Meireles" <[EMAIL PROTECTED]> > To: support@pfsense.com > Sent: 08-05-11 20:18 > Subject: RE: [pfSense Support] Where do I put squid ? > > Just setup the pfSense DHCP Server to use the squid box as gateway > address. > > Dom, 2008-05-11 s 15:23 +0200, Mike Lever escreveu: > > > Hi Dean , > > > > Thanks for the feedback, so are you suggesting I only use 1 NIC for the > > squid box ? as opposed to 2, 1 coming IN from the Pfsense / internal network > > and 1 going BACK to the Pfsense. > > > > Regards, > > > > > > Mike Lever > > > > Tenacity Films (Pty) Ltd t/a > > Velocity Films > > > > (T) +2711-807-0100 > > (F) 086-681-7518 > > > > http://www.velocityfilms.com > > > > > > CONFIDENTIALITY CAUTION: If you have received this communication in error, > > please note that it is intended for the addressee only, is privileged and > > confidential and dissemination or copying prohibited. Please notify us > > immediately by e-mail and return the original message. Thank you. > > > > > > -----Original Message----- > > From: Dean Larson [mailto:[EMAIL PROTECTED] > > Sent: 11 May 2008 01:28 PM > > To: support@pfsense.com > > Subject: RE: [pfSense Support] Where do I put squid ? > > > > > > i think it would be cool to route http traffic to the squid box, but put a > > rule just infront of it to allow your squid box to go out the firewall. for > > security i would not allow a second nic to go out the squid box onto the > > internet. > > > > i myself set up the browsers manually for the squid box. at another gig i > > had, we put a file on a server that gave the browser setting: included proxy > > settings as well as browser bypass for local browsing. it's been a while, > > so i'd have to do some digging through my old files. : i'm a bit brain dead > > today > > > > > > ---------------------------------------- > > > From: [EMAIL PROTECTED] > > > To: support@pfsense.com > > > Date: Sun, 11 May 2008 10:25:14 +0200 > > > Subject: [pfSense Support] Where do I put squid ? > > > > > > I've got Pfsense running on one box going out to 5 DSL WAN Ports. I have > > now > > > setup a squid box running separately. I would like to run it as a > > > transparent proxy on my network. How do you suggest I set it up ? > > > > > > Do I put another NIC in the squid box, then setup a firewall rule to route > > > all http traffic to the squid box / gateway and then load balance the > > squid > > > box's traffic out ? > > > > > > The Pfsense box IP = 10.0.0.3 > > > Squid IP = 10.0.0.197 > > > > > > Regards, > > > > > > > > > Mike Lever > > > > > > Tenacity Films (Pty) Ltd t/a > > > Velocity Films > > > > > > (T) +2711-807-0100 > > > (F) 086-681-7518 > > > > > > http://www.velocityfilms.com > > > > > > > > > CONFIDENTIALITY CAUTION: If you have received this communication in error, > > > please note that it is intended for the addressee only, is privileged and > > > confidential and dissemination or copying prohibited. Please notify us > > > immediately by e-mail and return the original message. Thank you. > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > _________________________________________________________________ > > With Windows Live for mobile, your contacts travel with you. > > http://www.windowslive.com/mobile/overview.html?ocid=TXT_TAGLM_WL_Refresh_mo > > bile_052008 > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
