OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: FCM on November 02, 2017, 03:51:26 pm

Title: Captive Portal AND Proxy
Post by: FCM on November 02, 2017, 03:51:26 pm
Hello,
I try to make working the proxy service and the captive portal.
I have successfully set the proxy so people on the targetted LAN can't go where they have nothing to do (not entirely successfull because google.com/google.fr doesn't work anymore, but that's another problem).
Then I have tried (for a long time) to make captive portal to work with...

After a lot of tries, forum checks,..... I only have 2 results :
1. nothing works (it can't find page, like DNS problem... but, yes, the DNS rules is in first)
2. if I remove the automatic NAT rules created by the proxy for the 3128/3129 forcing, It works but the proxy does nothing : all the web sites are free to go...

I checked the "Shared forwarding" rule in advanced/firewall setting
I checked HTTP and HTTPS transparent proxy rules in captive portal zone
The LAN interface is in Proxy interfaces (forward proxy settings)

I tried to create firewall rules in the LAN interface to send data to 3128 and 3129 but it doesn't work

The "setup Guest Network" is great but there is no clue there to make it work with proxy (the rule is in "all accessible mode") :(

So if someone have clues or ideas, I thank you in advance !
(and sorry for my english)
Title: Re: Captive Portal AND Proxy
Post by: FCM on November 03, 2017, 01:50:16 pm
Hello
Ok I have resolved, I think, my problem :

In the Firewall rules of my interface, I put 2 rules for HTTP and HTTPS and after them (??) I put 2 rules to send data to 3128 and 3129.

I have the portal working, and the proxy is doing its work, filtered URL are blocked...

I just don't understand how it works... if the rules for HTTP and HTTPS are before the redirection to the proxy port, they should work and be used, shouldn't they ?
(I add a picture of my rules in this post)