Several Proxy Profiles possible

Started by philipp86720, October 03, 2023, 09:06:12 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
October 03, 2023, 09:06:12 AM Last Edit: October 03, 2023, 09:56:45 AM by philipp86720
Hi. Coming from a Sophos UTM, I'm looking for the feature "proxy profiles". That means, that I would like to define several profiles for different computer groups. E.g.: Servers are allowed to access internet by transparent proxy without any limitations, but clients I need two profiles:
1. Transparent proxy for updating antivirus definitions
2. Non-Transparent proxy for websurfing (proxy defined in Firefox)
I don't want any other applications to "call home" or get updates from the web.
Any idea, how that can be done with opnsense?
Regards
November 12, 2023, 11:27:09 PM #1
Nobody?  :(
November 21, 2023, 11:11:11 PM #2
I'm in much the same situation. We are migrating from Sophos UTM as I'm sick of the price increases and poor customer support for said price increases.

There are a number of things that the UTM could do that opnsense doesn't do as well, but over all I'm very happy with Opnsense. However not having multiple profiles for the proxy is a causing some issues.

We usually have Servers, Clients and Mobile devices all on separate networks. The servers all have the required certificates for SSL inspection. The clients may or may not have the required certificates depending on the site, and the mobiles never have the required certificates. It would be nice to do full inspection for the servers, and logging only for the other networks for reporting.

However we have had to resort to full SSL inspection for the servers, and just not process SSL at all for clients. Not ideal but its the only solution I could get to work.
Print
Go Up Pages1
User actions