Redirecting SQUID Transparent Proxy through VPN

By CPressland
in Smart Home, Network & Security

 Share

Recommended Posts

Grand Master

CPressland

Posted
Posted

Hey guys,

As you may know from previous Threads I've got a pfSense box as my router and am diverting all WAN bound traffic through a OpenVPN connection.

Now I've installed SQUID and set it to Transparent mode so everyone gets the Caching Benefits (large hard drive so I've set a massive cache) but now my WAN IP is showing as my Virgin Media IP address and not my VPN IP, how can I have SQUID Traffic sent via the OVPN Interface instead of the WAN Interface?

Thanks

Chris

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Love to see topics about pfsense and all here on neowin, but your prob better off we these types of questions on their forums.. I am also pretty active there under a different nick

Quick google found this

http://forum.pfsense.org/index.php?topic=32732.0

HOW TO - OpenVPN to a public VPN provider + transparent SQUID

I am currently not using squid, nor a vpn provider so sad to say prob wont be much help with this one.

edit: I was just reading this linked thread, and I think the guy is off his rocker ;) hehehehe there has to be a much easier way than the nonsense he is spouting.

Im thinking something as simple as telling squid which gateway to use would be more like it.

Grand Master

CPressland

Posted
  • Author
Posted

# TAG: tcp_outgoing_address

in squid.conf?

squid.conf file shouldn't be modified manually on pfsense from what I've read.

Love to see topics about pfsense and all here on neowin, but your prob better off we these types of questions on their forums.. I am also pretty active there under a different nick

Quick google found this

http://forum.pfsense.org/index.php?topic=32732.0

HOW TO - OpenVPN to a public VPN provider + transparent SQUID

I am currently not using squid, nor a vpn provider so sad to say prob wont be much help with this one.

edit: I was just reading this linked thread, and I think the guy is off his rocker ;) hehehehe there has to be a much easier way than the nonsense he is spouting.

Im thinking something as simple as telling squid which gateway to use would be more like it.

I agree, not wasting my time with Virtual Machines etc. I've read everything on the pfSense forum and nothing has been helpful.

So pfSense is a software engine that runs on top of whatever managing software comes with the router/firewall ?

confused - for instance we have a SonicWall firewall & Cisco routers - where would this come in to play ?

pfSence is an x86 Firewall Distro based on FreeBSD. So, this PC is my Router/Firewall/SQUID/etc

Grand Master

+BudMan MVC

Posted
  • MVC
Posted

I have been toying with testing out a vpn provider to be able play with policy based routing.. I have my server that runs my utorrent, and would like to play with just routing its torrent traffic through the vpn. This is more and more common type setup and would like some experience with it to help others going down that path.

It shouldn't be that difficult since traffic is going to be from one port, etc.

Just not sure when I will get around to it, wife had to go and get me a kindle fire for xmas and I can see that will keep me occupied for a few days ;) tinkering. Need to get a openvpn client working on it, and then would love to get a remote desktop app working on it, etc.

You might want to bring sc302 in on this, I know he is actively using squid on pfsense -- I fire it up now and then if need to answer a question for someone. But my pfsense box is only a 800mhz p3 with 512MB ram and since I really have no need to filter anything. And don't have a vpn - also been toying with creating a site to site to work, but have to pull the cert out of my tiks card, etc. Again on my list of things to play with but just not on the front burner.

I really suggest you POST your question on the pfsense forums, very responsive normally!!

And there is nothing saying you can not directly edit the squid.conf -- I have been doing it with the unbound package on pfsense since it came out, to get ipv6 features and acl settings before the gui had the options available, etc. Just the changes got overwritten if you install updated package, etc. But sure there is nothing wrong with tinkering with the underlaying conf files with anything you install on pfsense.. Once you figure it out make sure you post a how to on pfsense so there is something other than that junk I linked too ;)

This topic is now closed to further replies.
 Share
Go to topic listing

  • Posts

    • The Light of Life? We actually do glow till our Death, study finds

      By Liberi_Fatali · Posted

      Interesting image choice... reminds me of the human centipede poster
    • Why you need to take back control of your synced passwords and how to go about doing that

      By +Warwagon · Posted

      I love syncback!
    • Politically funny images of the World

      By +primortal · Posted

    • Get $50 of aloSIM Mobile Data Traveler eSim credit for just $24.97

      By News Staff · Posted

      Get $50 of aloSIM Mobile Data Traveler eSim credit for just $24.97 by Steven Parker Today's highlighted deal comes via our Apps + Software section of the Neowin Deals store, where you can save 50% off aloSIM Mobile Data Traveler Lifetime eSim Credit: Pay $24.97 for $50. Stay connected affordably in 120+ countries/regions with your own lifetime eSIM! An eSIM is a digital SIM card. It's basically just mobile data. Once it's activated on your device, it can connect you to data networks in other countries – giving you an internet connection with NO roaming charges. With aloSIM, you can load prepaid eSIM data packages onto your phone, tablet, or computer. Your lifetime eSIM never expires, so it's yours forever and there are never any monthly charges. You'll get $50 in eSIM data credit, which is almost always enough to cover all your data roaming needs for a full year. But if you run out of data, you can always top up your lifetime eSIM and stay connected internationally. Pay $24.97 for a lifetime eSIM with $50 in travel data credit Use your eSIM to join data networks in 120+ countries Install your lifetime eSIM on a compatible device to roam on local data networks Your lifetime eSIM never expires, and can be topped up with more data anytime Many data packages cost as little as $4.50 and last 7 days. Depending on the package you choose, the length of time varies. Good to know Length of access: lifetime For NEW customers only Instant digital redemption Once you add your $50 credit to your aloSim account you have up to 12-months to use it — after that your credit will expire When you pay for a data plan you also get a free phone number (via Hushed) for the same duration of your plan that was purchased - IE 7 day eSim plan gives you a free 7-day phone number Purchased coupon must be redeemed and used within 12 months This deal is not stackable (one offer per aloSIM account) A $4.50 data package will last 7 days The data DOES expire, and you WILL NOT have any leftover data for your next trip unless it takes place within the validity period. While the eSIM never expires, the actual data package is only valid for the length of time stated at purchase (i.e. seven days after activation, 30 days after activation, etc.) So if you buy a seven-day package and only use a tiny bit, that package is still going to expire after seven days. Access options: mobile (check compatibility) Max number of device(s): 1 Updates included Here's the deal: This aloSIM Mobile Data Traveler eSim $50 Credit normally costs ... $50, but it can be yours for just $24.97 for a limited time, a saving of $25 (50% off). For specifications, and license info please click the link below. Get this aloSIM Mobile Data Traveler eSim for just $24.97 (was $50) Although priced in U.S. dollars, this deal is available for digital purchase worldwide. Support queries If you have queries or need support for any of the Neowin Deals, please use the contact form here. Neowin Deals are managed and sold by StackCommerce who represent Neowin on an affiliate basis. Why we post these deals We post these because we earn commission on each sale so as not to rely solely on advertising, which many of our readers block. It all helps toward paying staff reporters, servers and hosting costs. So for those that keep moaning and complaining, be thankful we're still online for you to even do that. Other ways to support Neowin Whitelist Neowin by not blocking our ads Create a free member account to see fewer ads Make a donation to support our day to day running costs Subscribe to Neowin - for $14 a year, or $28 a year for an ad-free experience Disclosure: Neowin benefits from revenue of each sale made through our branded deals site powered by StackCommerce.
    • The Microsoft Office feature that time forgot

      By Fraud OS 11 · Posted

      WordArt was cool. We now have color fonts as a substitute although Word only supports COLRv0 and COLRv1 (Fraud OS 11 only). The OpenType SVG color font format needs to be supported by Office. Adobe's apps support it

  • Recent Achievements

    • First Post
      DrWankel earned a badge
      First Post
    • Reacting Well
      DrWankel earned a badge
      Reacting Well
    • Week One Done
      Supreme Spray LV earned a badge
      Week One Done
    • One Month Later
      Genuinetonerink- Dubai earned a badge
      One Month Later
    • Week One Done
      Genuinetonerink- Dubai earned a badge
      Week One Done

  • Popular Contributors

    1. 1
      +primortal
      498
    2. 2
      +Edouard
      158
    3. 3
      PsYcHoKiLLa
      90
    4. 4
      Steven P.
      74
    5. 5
      Michael Scrip
      72
    Show More

  • Tell a friend

    Love Neowin? Tell a friend!