Proxy Server

Security Gateway Discussions
Post Reply
Gabriele
Posts: 12
Joined: 07 May 2008, 15:46

Proxy Server

Post by Gabriele » 16 Jan 2009, 18:32

Hello,
I have a Linux Proxy Server connected to the LAN (192.168.1.253); this machine have a second ethernet that connet to Internet with ISP2
I have a Clavister SG connected to the LAN (192.168.1.254); is connect to Internet with ISP1

The gateway on all client is Clavister SG (192.168.1.254).

I wan to redirect all web traffic via Linux... other traffic with SG...

Can I use PBR?

mattias
Beta Tester
Posts: 28
Joined: 14 Apr 2008, 21:34
Location: Örnsköldsvik
Contact:

Re: Proxy Server

Post by mattias » 19 Jan 2009, 12:53

Hi,

Have you tried this guide viewtopic.php?f=8&t=3422 ?

Mattias

Gabriele
Posts: 12
Joined: 07 May 2008, 15:46

Re: Proxy Server

Post by Gabriele » 19 Jan 2009, 14:20

The proxy Machine in the example is in the DMZ net.
My proxy machine is in the LAN net.
I tried to configure on the LAN net but does not function!

mattias
Beta Tester
Posts: 28
Joined: 14 Apr 2008, 21:34
Location: Örnsköldsvik
Contact:

Re: Proxy Server

Post by mattias » 19 Jan 2009, 14:29

If the proxy server and clients are on the same network you will have to do a SAT+NAT instead of SAT+Allow, remember to allow the Linux/Squid proxy to access the internet before the SAT rule.

timlok
Posts: 2
Joined: 28 May 2016, 17:22

Re: Proxy Server

Post by timlok » 28 May 2016, 18:20

mattias wrote:If the proxy server and clients are on the same network you will have to do a SAT+NAT instead of SAT+Allow, remember to allow the Linux/Squid proxy to access the internet before the SAT rule.
Hello!
I have a DFL-1660 (firmware 10.22.01.04-26412) and pfsense 2.3.1-RELEASE-p1, but the same problem. Did you advise, but still does not work. At the same time, if you specify in the settings of the browser address and proxy port, the browser connects to the Inte10rnet.
What am I doing wrong?
NAT lan1 srv_proxy_wan wan1 all-nets all_services
SAT lan1 lan1net_193 wan1 all-nets http DST:srv_proxy_lan:3128
NAT lan1 lan1net_193 wan1 all-nets http
[attachment=0]inet - 1.png[/attachment
Attachments
inet - 1.png
inet - 1.png (61.08 KiB) Viewed 7234 times

mattias
Beta Tester
Posts: 28
Joined: 14 Apr 2008, 21:34
Location: Örnsköldsvik
Contact:

Re: Proxy Server

Post by mattias » 08 Sep 2016, 10:25

Try this:

NAT lan1 srv_proxy_wan wan1 all-nets all_services
SAT lan1 lan1net_193 wan1 all-nets http All-To-One DST:srv_proxy_lan:3128
NAT lan1 lan1net_193 wan1 all-nets http

timlok
Posts: 2
Joined: 28 May 2016, 17:22

Re: Proxy Server

Post by timlok » 12 Sep 2016, 07:25

mattias wrote:Try this:
NAT lan1 srv_proxy_wan wan1 all-nets all_services
SAT lan1 lan1net_193 wan1 all-nets http All-To-One DST:srv_proxy_lan:3128
NAT lan1 lan1net_193 wan1 all-nets http
Sorry, it does not work. This is what is responsible proxy when prompted price.ru:

Code: Select all

ERROR
The requested URL could not be retrieved

The following error was encountered while trying to retrieve the URL: /

    Invalid URL

Some aspect of the requested URL is incorrect.

Some possible problems are:
    Missing or incorrect access protocol (should be "http://" or similar)
    Missing hostname
    Illegal double-escape in the URL-Path
    Illegal character in hostname; underscores are not allowed.
And now that the proxy log:

Code: Select all

	Date 				IP 		Status 			Address 										User 	Destination
12.09.2016 12:21:03 	192.168.192.213 	TCP_IMS_HIT/304 	http://pfsense:3128/squid-internal-static/icons/SN.png 	- 	-
12.09.2016 12:20:56 	192.168.192.213 	TAG_NONE/400 	/ 	- 	-
12.09.2016 12:19:25 	192.168.192.213 	TCP_MEM_HIT/200 	http://pfsense:3128/squid-internal-static/icons/SN.png 	- 	-
12.09.2016 12:19:25 	192.168.192.213 	TAG_NONE/400 	/

Post Reply