OPNsense Forum

English Forums => Web Proxy Filtering and Caching => Topic started by: nikkon on January 12, 2018, 02:04:52 pm

Title: [SOLVED] transparent ssl proxy issue
Post by: nikkon on January 12, 2018, 02:04:52 pm

Hi guys,

my system version is OPNsense 17.7.11-amd64

I have a small issue. by following the step by step guide :
https://wiki.opnsense.org/manual/how-tos/proxytransparent.html
on the SSL nat rule I see some mismatching:
NAT reflection   Enable (NAT + Proxy) doesn't exist as an option.
both http/https nat rule are created. proxy is transparent. the certificate has been set to trust locally.

if there is something I missed I would be grateful if you can guide me.

Thank you

Title: Re: transparent ssl proxy issue
Post by: franco on January 13, 2018, 12:44:10 pm

Hi there,

I fixed the docs to be uploaded in the next week... we only have one NAT reflection mode left, so use the available "Enabled" setting.

I'll fix up the GUI label too, no use calling it "Enabled (Pure NAT)" anymore.


Thanks,
Franco

Title: Re: transparent ssl proxy issue
Post by: nikkon on January 14, 2018, 01:41:32 am

Thx franco

Title: Re: [SOLVED] transparent ssl proxy issue
Post by: nikkon on January 15, 2018, 04:00:02 pm

now back to my real issue

once I activate SSL inspection (ca internally create and the certificate exported and loaded on my mac as trusted) I got no traffic.
I followed the docs + my previous PfSense XP = still not successful :)
From time to time even the HTTP traffic freeze and I need to manually restart squid.
I pretty sure I miss something somewhere. I would appreciate if someone has any suggestion. Everything helps.

Thx