Redirecting SQUID Transparent Proxy through VPN


Recommended Posts

Hey guys,

As you may know from previous Threads I've got a pfSense box as my router and am diverting all WAN bound traffic through a OpenVPN connection.

Now I've installed SQUID and set it to Transparent mode so everyone gets the Caching Benefits (large hard drive so I've set a massive cache) but now my WAN IP is showing as my Virgin Media IP address and not my VPN IP, how can I have SQUID Traffic sent via the OVPN Interface instead of the WAN Interface?

Thanks

Chris

Link to comment
Share on other sites

Love to see topics about pfsense and all here on neowin, but your prob better off we these types of questions on their forums.. I am also pretty active there under a different nick

Quick google found this

http://forum.pfsense.org/index.php?topic=32732.0

HOW TO - OpenVPN to a public VPN provider + transparent SQUID

I am currently not using squid, nor a vpn provider so sad to say prob wont be much help with this one.

edit: I was just reading this linked thread, and I think the guy is off his rocker ;) hehehehe there has to be a much easier way than the nonsense he is spouting.

Im thinking something as simple as telling squid which gateway to use would be more like it.

Link to comment
Share on other sites

So pfSense is a software engine that runs on top of whatever managing software comes with the router/firewall ?

confused - for instance we have a SonicWall firewall & Cisco routers - where would this come in to play ?

Link to comment
Share on other sites

# TAG: tcp_outgoing_address

in squid.conf?

squid.conf file shouldn't be modified manually on pfsense from what I've read.

Love to see topics about pfsense and all here on neowin, but your prob better off we these types of questions on their forums.. I am also pretty active there under a different nick

Quick google found this

http://forum.pfsense.org/index.php?topic=32732.0

HOW TO - OpenVPN to a public VPN provider + transparent SQUID

I am currently not using squid, nor a vpn provider so sad to say prob wont be much help with this one.

edit: I was just reading this linked thread, and I think the guy is off his rocker ;) hehehehe there has to be a much easier way than the nonsense he is spouting.

Im thinking something as simple as telling squid which gateway to use would be more like it.

I agree, not wasting my time with Virtual Machines etc. I've read everything on the pfSense forum and nothing has been helpful.

So pfSense is a software engine that runs on top of whatever managing software comes with the router/firewall ?

confused - for instance we have a SonicWall firewall & Cisco routers - where would this come in to play ?

pfSence is an x86 Firewall Distro based on FreeBSD. So, this PC is my Router/Firewall/SQUID/etc

Link to comment
Share on other sites

I have been toying with testing out a vpn provider to be able play with policy based routing.. I have my server that runs my utorrent, and would like to play with just routing its torrent traffic through the vpn. This is more and more common type setup and would like some experience with it to help others going down that path.

It shouldn't be that difficult since traffic is going to be from one port, etc.

Just not sure when I will get around to it, wife had to go and get me a kindle fire for xmas and I can see that will keep me occupied for a few days ;) tinkering. Need to get a openvpn client working on it, and then would love to get a remote desktop app working on it, etc.

You might want to bring sc302 in on this, I know he is actively using squid on pfsense -- I fire it up now and then if need to answer a question for someone. But my pfsense box is only a 800mhz p3 with 512MB ram and since I really have no need to filter anything. And don't have a vpn - also been toying with creating a site to site to work, but have to pull the cert out of my tiks card, etc. Again on my list of things to play with but just not on the front burner.

I really suggest you POST your question on the pfsense forums, very responsive normally!!

And there is nothing saying you can not directly edit the squid.conf -- I have been doing it with the unbound package on pfsense since it came out, to get ipv6 features and acl settings before the gui had the options available, etc. Just the changes got overwritten if you install updated package, etc. But sure there is nothing wrong with tinkering with the underlaying conf files with anything you install on pfsense.. Once you figure it out make sure you post a how to on pfsense so there is something other than that junk I linked too ;)

Link to comment
Share on other sites

This topic is now closed to further replies.