thanks Jim -
I got the impression from reading the pfsense forum that there is a
way to block https for specific domains by denying the connect method
- am I understanding this wrong?
Otherwise I might give WPAD a try.
Luke Jaeger | Technology Coordinator
Pioneer Valley Performing Arts Charter Public School
www.pvpa.org
On Jun 30, 2010, at 4:06 PM, Jim Pingle wrote:
On 6/30/2010 4:00 PM, Luke Jaeger wrote:
I decided to enable transparent proxy on my school firewall because I
was getting a million requests a day to configure proxy settings on
student laptops.
But now that I turned on transparent proxy, students have discovered
that they can get to banned sites (like facebook) via https.
http://www.facebook.com is blocked but https://www.facebook.com still
works.
Can someone let me know how to block these? I understand I have to
deny
the 'connect method' but don't see where to do this. Can this only be
done in command line?
You cannot transparently proxy SSL connections. You would have to deny
outbound access to port 443 and if they want SSL, they must configure
the proxy settings into their browser(s) either by hand or
automatically
with something like WPAD.
Jim
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
---------------------------------------------------------------------
To unsubscribe, e-mail: support-unsubscr...@pfsense.com
For additional commands, e-mail: support-h...@pfsense.com
Commercial support available - https://portal.pfsense.org
