Disable Authentication for Squid

[bamf]

Hi,

I enabled the Squid web proxy, but it is refusing connections.

Under "Authentication method" the only options are "Local Database" or "Nothing selected". How can I disable the authentication?

[bamf]

Still struggling here. The documentation says:

Authenticators�

User authentication can be done using OPNsense standard and built-in authenticators. Currently these include:

    LDAP (incl. Microsoft Active Directory)

    Radius

    Local user manager

    No authentication

These options can be found in the Web Proxy -> Administration -> Forward Proxy -> Authentication Settings section.

Here, it's called

Code Select Expand

Squid Web Proxy and the only option is

Code Select Expand

Local database What am I doing wrong?

[Patrick M. Hausen]

Did you add the client networks? I am not using Squid on OPNsense but from some projects decades ago I vaguely remember that you must configure the clients permitted to use Squid. Should be easy enough to find in the UI.

[bamf]

Yes, I have configured my whole 192.168.100.0/24 as well as the complete ULA range fd00::/7 and my ULA range fda6::/64.

No matter if I use the IPv4 address of the router or the ULA address, my browser says:

The proxy server is refusing connections

[Patrick M. Hausen]

Refusing connections means it is not listening on the IP address and/or port your browser tries to use. Either the listen settings for Squid are "wrong" in some way or you do not have a firewall rule permitting the connection.

[bamf]

Seems squid is not listening on port 3129.

root@OPNsense:~ # sockstat -l | grep 312
squid    squid       6485 27  tcp4   192.168.100.1:3128    *:*
squid    squid       6485 28  tcp6   2003:a:XXXX:XXXX::XXXX:3128 *:*
squid    squid       6485 29  tcp6   fda6::1:3128          *:*

But SSL port 3129 is configured in the WebUI. What am I doing wrong?