Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Using Zenarmor and Squid proxy inline
« previous
next »
Print
Pages: [
1
]
Author
Topic: Using Zenarmor and Squid proxy inline (Read 478 times)
hv-tech
Newbie
Posts: 17
Karma: 0
Using Zenarmor and Squid proxy inline
«
on:
December 27, 2022, 10:58:56 pm »
Hi ALL,
I can't help but notice that when using Web Proxy in Opnsense that it completely bypasses Zenarmor since it sees my hosts connecting to the destination which is the LAN interface hosting Squid Proxy. I am not sure if there is a setting on the Zenarmor or Proxy side a way to parse the data coming from source being the LAN interface and dest is whatever the proxy is connecting to?
It would be nice if the WAN interface was selectable since I am sure it would capture from LAN out during proxy options.
Logged
sy
Sr. Member
Posts: 336
Karma: 28
Re: Using Zenarmor and Squid proxy inline
«
Reply #1 on:
December 30, 2022, 06:35:24 pm »
Hi,
Zenarmor should catch the visited sites and their categories. So if you create a block policy, it should be blocked. But the destination will be shown as proxy IP.
Logged
hv-tech
Newbie
Posts: 17
Karma: 0
Re: Using Zenarmor and Squid proxy inline
«
Reply #2 on:
January 02, 2023, 06:10:34 am »
Alright so after some testing, it seems it does work, well 50/50%. So the blocks do not work when I set configurations in "App Controls" but they do when I completely configure a block in "Web Controls"
That all being said, technically "App Controls" should work but don't. What else can I check to understand why blocking doesn't work in "App Controls"?
Logged
sy
Sr. Member
Posts: 336
Karma: 28
Re: Using Zenarmor and Squid proxy inline
«
Reply #3 on:
January 04, 2023, 01:10:02 pm »
Hi,
Do you see the sessions in the Live session explorer? The app and app category is shown correctly?
Logged
hv-tech
Newbie
Posts: 17
Karma: 0
Re: Using Zenarmor and Squid proxy inline
«
Reply #4 on:
January 23, 2023, 07:50:53 pm »
So I attached a screenshot, the last logs were without proxy enabled, as you can see the logs on top are with Web controls enable since without it enabled and App controls enabled only just goes right pass the filter/control.
I would say no its not shown or processed correctly with proxy enabled. So application categories don't seem to work with proxy currently. I wonder if this is something that could be fixed?
Logged
sy
Sr. Member
Posts: 336
Karma: 28
Re: Using Zenarmor and Squid proxy inline
«
Reply #5 on:
January 24, 2023, 09:01:25 am »
Hi,
In the last logs, it seems that the proxy is active and blocked. Do you mean that the applications are not blocked when the proxy is active?
Logged
hv-tech
Newbie
Posts: 17
Karma: 0
Re: Using Zenarmor and Squid proxy inline
«
Reply #6 on:
January 24, 2023, 08:30:43 pm »
Correct, applications are not blocked when proxy is active.
Logged
sy
Sr. Member
Posts: 336
Karma: 28
Re: Using Zenarmor and Squid proxy inline
«
Reply #7 on:
January 26, 2023, 12:07:43 pm »
Hi,
Can you share a bug report from the upper right corner of OPNsense Zenarmor GUI? I would like to check the configurations and logs.
Logged
hv-tech
Newbie
Posts: 17
Karma: 0
Re: Using Zenarmor and Squid proxy inline
«
Reply #8 on:
January 26, 2023, 05:39:44 pm »
Logs sent under "Proxy doesn't blocked on App Control."
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Using Zenarmor and Squid proxy inline
