How to Set a Proxy Server automatic on all Clients

Started by pr3p, November 22, 2016, 07:27:37 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 22, 2016, 07:27:37 AM
My 1st opnsense server with multiwan setup and DNS Resolver was stable and i enable proxy server,

Question: Guys it is possible to set the proxy server automatic to all clients without configuring browser to set the proxy server.



My Setup:
General Setting:



Forward Proxy:



I tried and test the proxy server with browser ( Firefox) and its working fine.


with authentication setting also works fine.



Regards,
James
November 22, 2016, 08:52:19 AM #1
Hi James,

unfortunately you can't.

But you can Setup Transparent Proxy.


Kind regards
Frank
November 22, 2016, 09:31:16 AM #2
Multi-WAN + Transparent Proxy doesn't currently work in FreeBSD.


Cheers,
Franco
November 22, 2016, 10:26:44 AM #3 Last Edit: November 22, 2016, 02:37:41 PM by pr3p
Quote from: franco on November 22, 2016, 09:31:16 AM
Multi-WAN + Transparent Proxy doesn't currently work in FreeBSD.


Cheers,
Franco

thanks i setup transparent proxy and works fine, my problem is the ssl certificate it needs to install manually on client side.
November 22, 2016, 10:29:21 AM #4 Last Edit: November 22, 2016, 02:34:06 PM by pr3p
Proxy Server:
The proxy server is working fine but  i got problem on downloading ACL's it seems doenst apply or download.

https://docs.opnsense.org/manual/how-tos/proxywebfilter.html


is it ok to set this way? on local cache setting. i want to maximize the server.


System Information:


Regards,
pr3p
November 22, 2016, 03:51:56 PM #5
On Windows you should be able to do this via a group policy - then you would have it inside most apps (except some which bring their own trust store) and on Linux you would have to use some kind of an automation tool which will copy the certificates on the system and updates the ca store. On Linux you can set the environment variable HTTP_PROXY inside a login script so the applications will be aware of an proxy if you are not using a transparent proxy.
November 22, 2016, 04:33:43 PM #6
Quote from: fabian on November 22, 2016, 03:51:56 PM
On Windows you should be able to do this via a group policy - then you would have it inside most apps (except some which bring their own trust store) and on Linux you would have to use some kind of an automation tool which will copy the certificates on the system and updates the ca store. On Linux you can set the environment variable HTTP_PROXY inside a login script so the applications will be aware of an proxy if you are not using a transparent proxy.

Thanks fabian, its working like a charm now, but some website with ssl has problem like on google drive/gmail i was not able to create folder when   SSL mode is enabled.

Anyway can you check also the ACL its not applying or downloading.
November 22, 2016, 07:32:43 PM #7
This sounds like a TLS connection failed (maybe due a certificate mismatch). You should check if the connection is rejected (maybe by having open the network tab of FireBug or a similar tool) by looking at the error messages.
Print
Go Up Pages1
User actions