Author Topic: [Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS (Read 381 times)

Conti · « **on:** February 11, 2019, 01:23:47 pm »

Hello,
after reading some docs I am not sure if this will work: I want to setup a transparent proxy with authentication. As normal http sites are no big deal, these sites should be cached. I think this is the easy part. For all (!) https sites, I just want a basic authentication with local users (to avoid MITM and proxy cert). Is this a common setup and will this work with OPNSense? Any hints for the implementation?
BR

fabian · « **Reply #1 on:** February 11, 2019, 05:23:40 pm »

As far as I know, squid does not support that. There are some tricks for passive authentication state injection (for example sync with an network auth server), but they are currently not implemented.

Conti · « **Reply #2 on:** February 11, 2019, 07:03:31 pm »

Thanks you for your answer. Would it be possible without authentication? At least to log https traffic instead of just let it pass the firewall with permit tcp 443.

fabian · « **Reply #3 on:** February 12, 2019, 06:51:01 pm »

yes, that should work (there must be a checkbox somewhere) on the page, where you configure the HTTPS inspection.

Author Topic: [Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS (Read 381 times)

Conti

[Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS

fabian

Re: [Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS

Conti

Re: [Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS

fabian

Re: [Transparent Proxy] Caching and Auth for HTTP, just Auth for HTTPS