OPNsense Forum

Archive => 16.1 Legacy Series => Topic started by: thijs on August 09, 2016, 09:14:27 pm

Title: Outbound NAT with proxy
Post by: thijs on August 09, 2016, 09:14:27 pm
After reading through the boards and wiki I've found different posts with questions regarding the outbound NAT. Most of them are about OpenVPN and Outbound NAT. People seem to get this working, but I can't get it to work with the proxy server instead of OpenVPN.

Is it even possible? I've done the following:
- WAN is PPPoE with /28 subnet;
- added virtual IP as "Other" in firewall with IP in range of WAN subnet;
- changed NAT to hybrid and added a rule:
    = Interface: WAN
    = Source: 192.168.x.x/24
    = Source Port: *
    = Destination: *
    = Destination port: 3128
    = NAT Address: my virtual ip
    = NAT Port: *
    = Static port: NO
    = Description: Proxy WAN2
- there is an automatically created rule in the firewall which allows proxy to go outside.

And that's it, but when I test the proxy I'm getting the IP address of the WAN back (first in DHCP from PPPoE). I do want it to go out on the second IP address.

Any thoughts?

Edit: found this post @ pfSense: https://forum.pfsense.org/index.php?topic=114087.msg635214#msg635214
I can't however find the field "Custom ACLS (After Auth)". Is this an option in OPNsense at all?

Edit2: found out that you need to add tcp_outgoing_address into the /usr/local/etc/squid/squid.conf file. But then Squid gives me another error: "commBind: Cannot bind socket FD 21 to xxx.xxx.xxx.xxx: (49) Can't assign requested address"
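
Added example, not part of the original post: errno 49 on FreeBSD is EADDRNOTAVAIL, which bind() returns when the requested address is not configured on any local interface. The Python check below performs the same kind of bind for every active tcp_outgoing_address line in a squid.conf, so the address can be verified before Squid is restarted; the sample config and its addresses are constructed placeholders, and the function names are this example's own.

```python
import errno
import socket

# Constructed squid.conf excerpt; the addresses are documentation/loopback
# placeholders, not values from the post.
SAMPLE_CONF = """\
http_port 3128
# tcp_outgoing_address 198.51.100.7
tcp_outgoing_address 192.0.2.10
tcp_outgoing_address 127.0.0.1 localnet
"""

def outgoing_addresses(conf_text):
    """Return the address argument of every active tcp_outgoing_address line."""
    found = []
    for line in conf_text.splitlines():
        # Drop trailing comments, then split "directive address [acl ...]".
        fields = line.split("#", 1)[0].split()
        if len(fields) >= 2 and fields[0] == "tcp_outgoing_address":
            found.append(fields[1])
    return found

def bind_error(address):
    """Bind a TCP socket to (address, ephemeral port).

    Returns None if the kernel accepts the bind, otherwise the symbolic
    errno name, e.g. "EADDRNOTAVAIL" when no interface holds the address.
    """
    family = socket.AF_INET6 if ":" in address else socket.AF_INET
    try:
        with socket.socket(family, socket.SOCK_STREAM) as sock:
            sock.bind((address, 0))
    except OSError as exc:
        return errno.errorcode.get(exc.errno, str(exc.errno))
    return None

def audit(conf_text):
    """Map each configured outgoing address to None (usable) or an errno name."""
    return {addr: bind_error(addr) for addr in outgoing_addresses(conf_text)}

if __name__ == "__main__":
    for addr, err in audit(SAMPLE_CONF).items():
        print(f"{addr}: {'ok' if err is None else err}")
```

Run it on the firewall itself against the real config text; any address reported as EADDRNOTAVAIL has to be assigned to an interface before Squid can use it as a source address.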