Hi Tim, Thank you very much for that feedback. One question. Once I have setup things as you suggested below, will requests from the squid box out to the internet cloud be load balanced ?
I.e.: How do I ensure that the outgoing traffic that is not on the proxy server is load balanced ? Regards, Mike Lever Tenacity Films (Pty) Ltd t/a Velocity Films (T) +2711-807-0100 (F) 086-681-7518 http://www.velocityfilms.com CONFIDENTIALITY CAUTION: If you have received this communication in error, please note that it is intended for the addressee only, is privileged and confidential and dissemination or copying prohibited. Please notify us immediately by e-mail and return the original message. Thank you. -----Original Message----- From: Tim Nelson [mailto:[EMAIL PROTECTED] Sent: 20 Aug 2008 11:07 PM To: support@pfsense.com Subject: Re: [pfSense Support] Incorporating squid I recently implemented a pfSense + Squid setup for a school. You'll need to make sure that the box you're running squid on is on a different interface than the subnet(s) you want filtered. The rules that redirect traffic destined on port 80 apply globally to an interface so if your squid box lies on that same interface, it will not be able to 'get out' either. Go into NAT, then add a new 'Port Forward'. Use these values: Interface: the interface traffic will be coming in. If you want to filter your LAN clients, select LAN here External Address: any Protocol: TCP External Port Range: 80 (HTTP should be in the drop down box) NAT IP: The IP of your squid box Local Port: The port you have squid running on Save your entries and then apply the changes. Any existing states will not be affected (I don't *think*) so you may have to clear your state tables before this becomes effective for all clients. Tim Nelson Systems/Network Engineer Rockbochs Inc. (218)727-4332 x105 ----- "Mike Lever" <[EMAIL PROTECTED]> wrote: > Hi all, > > I have just had a squid box configured and am about to implement it on > on my network. > > I would like to ask you how you suggest I place it and route traffic > accordingly. Is anybody currently using squid boxes with pfsense. I > can't use the onboard package as I have multiple WAN ports. > > Any help would greatly be appreciated ! > > Mike Lever > > Tenacity Films (Pty) Ltd > t/a Velocity Films > (t) +2711-807-0100 > (f) +2711-807-1208 > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
