English Forums > Web Proxy Filtering and Caching
New setup (newbie) issue with Web filter & internet access
im_etten:
I am new to OPNSense and I am trying to do some setup/testing on the install.
I have a default install of 18.1.4. I have internet access and have setup DHCP. Everything works.
I then followed the user manual on how to setup web filtering. The last step is to disable the proxy bypass via a firewall rule. Once I do this I am no longer able to access the internet. If I disable the rule I gain access to the internet.
What else do I need to setup to get this to work?
My intent is to setup web filtering for all devices connected to the network. I don't want to setup any caching or authentication. If I log on to the network with a PC, I want the web filtering to block out any categories I select.
Thanks in advance.
HenkH:
Hi im_etten, just like you i'm a newbie and it happens that i tried the same today. I also did not have access to internet after inserting the firewall rules to deny proxy-bypassing.
In my case i found that i did not configure my browser to use the proxy (the IP address of the LAN port and port 3128 by default). Maybe this is also the case in your situation?
I found a screenshot (https://wiki.opnsense.org/manual/how-tos/cachingproxy.html) in the howto about a caching proxy for Mozilla Firefox which depicts how you could configure Firefox. It is below the heading "Configure browser/Firefox". In Firefox you can find the setting going to "preferences", network proxy is at the bottom of the "general" settings page. After this, it should work, if not, restart Opnsense. After adding this setting and restarting Opnsense it worked fine for me!
velvetbrain:
Thank you guys for posting.
Apologies for resurrecting a dead thread.
I thought the idea of a transparent proxy was that we didn't have to modify the client side.
see here: https://www.expressvpn.com/blog/transparent-proxy/
I'm feeling pretty confident I've followed Web Url setup properly and haven't been able to filter as I want, yet.
netranger:
Hi,
yes, transparent means the client doesn't see any configuration for this. In order to do this you would need:
1. a NAT rule which redirects your web traffic to your proxy (for example redirect port 80 to 3128)
2. a firewall rule which allows your client to connect to your transparent port (for example 3128)
Please post your rule setup.
Edit: also check this https://docs.opnsense.org/manual/how-tos/proxytransparent.html
BR,
NR
nforce:
Hi,
I'm suffering from the same issue. I'm pretty ignorant on the matter. Have no prior experience and i don't have a good understanding of the network stuff. The topic has already been resurrected recently so I think you wouldn't mind.
I'm using an old computer via the live mode(Serial image flashed by Rufus).
It has half a gig ram, I'm only using it for testing and learning.
I just let it run without touching anything, I did nothing except this one: https://docs.opnsense.org/manual/how-tos/proxywebfilter.html
Didn't run wizard either. I wouldn't know what to do with it anyways.
Also using an old ethernet card with it.
Internet ==> Switch ==> Old ethernet card ==> Old computer (OPNsense live) onboard ethernet port ==> Wireless access point. When I switch ports on the old computer it no longer works, so I think LAN, WAN interfaces are set up correctly.
What is working:
- Can connect to the internet, no issue
- Firewall rules seem to work fine when I disabled rules no device was able to access the internet while they could access OPNsense.
- Downloaded ACL and fetched categories without issues. I applied but have no idea if it would work.
- Enabling proxy does display the green button.
What I want:
- Web filter, obviously. If there is a better alternative to achieve this pls do tell me. Like e2guardian, it's not possible on OPNsense, is it?
- Intended for large areas, the users should not have to set up anything on their devices.
Navigation
[0] Message Index
[#] Next page
Go to full version