Squid configuration in pfsense

@

@nalyzer

n00b
Joined
Apr 5, 2003
Messages
39
Hi all,
I have searched and spent many hours scouring the internet to help me out without much help.

Basically, I have pfsense with squid running at home, and would like to set up a http proxy server at home.

Now I need some help/guidelines to configure Squid, so that I can access it externally (i.e. from work/university) to bypass websites that are blocked from wherever I am (i.e. work, school).

Most if not all the examples I found were configured to cache websites or block them and directed internally (i.e. LAN). I tried to configure it for LAN, and then reverse it to apply it on the WAN interface, without success. Do I need set a rule to port forward port 3128, which is used by squid, to the router itself?

Thanks guys :)
 
Do I need set a rule to port forward port 3128, which is used by squid, to the router itself?
Click to expand...

More than likely. By default all ports are closed.
 
Yeah I agree, although I don't know that I'd want to open the proxy port out to the internet. What I do is run the STunnel package which will allow you to create ssh tunnels from the web gui, then you can configure an ssh client to match. So anyway, I configure putty to connect an ssh tunnel for 3128 to the pfsense box, then you point your remote browser proxy to localhost.

This works for me here at work where there are zero open ports to the outside world, and 80/443 have to go through our outgoing proxy. I use CNTLM to tunnel Putty through the proxy with NTLM authentication on 443 so it looks like SSL traffic, then over that ssh session, I tunnel my proxy session to my home firewall.

PM me if you need any help
 
aaronearles said:
Yeah I agree, although I don't know that I'd want to open the proxy port out to the internet. What I do is run the STunnel package which will allow you to create ssh tunnels from the web gui, then you can configure an ssh client to match. So anyway, I configure putty to connect an ssh tunnel for 3128 to the pfsense box, then you point your remote browser proxy to localhost.

This works for me here at work where there are zero open ports to the outside world, and 80/443 have to go through our outgoing proxy. I use CNTLM to tunnel Putty through the proxy with NTLM authentication on 443 so it looks like SSL traffic, then over that ssh session, I tunnel my proxy session to my home firewall.

PM me if you need any help
Click to expand...

Username and password on squid is another option
 
You must log in or register to reply here.
Back
Top