Hi everyone. Can someone help us with how to use Squid without the need to install a CA? Also, is it possible to block VPN in OPNsense?
- It is not possible to use TLS MITM without installing a CA certificate on all clients.
- You can block VPN in OPNsense; just block the well-known ports these VPNs use. If the VPN should be blocked with DPI, you might need Zenarmor, though I don't know if it supports that (it probably does, though, with application detection).
In that case, are there any plugins that we can use besides the Squid web proxy that also have ACLs like in Squid? We tried Quad9, but the blacklists there are limited, unlike the ACL blacklist in Squid.
You might want to ask in the Zenarmor section of this forum. They have the technologies you need (especially if it's something you want to use commercially).
If it's just some basic DNS blocking for private use, you can also consider the AdGuard plugin. The plugin is hosted by a community member and is not in the standard repo:
https://www.routerperformance.net/opnsense-repo/
OK, thank you so much.