English Forums > Web Proxy Filtering and Caching

New setup (newbie) issue with Web filter & internet access

<< < (2/2)

nforce:

--- Quote from: netranger on September 21, 2019, 02:34:15 pm ---Hi,

yes, transparent means the client doesn't see any configuration for this. In order to do this you would need:
1. a NAT rule which redirects your web traffic to your proxy (for example redirect port 80 to 3128)
2. a firewall rule which allows your client to connect to your transparent port (for example 3128)

Please post your rule setup.

Edit: also check this https://docs.opnsense.org/manual/how-tos/proxytransparent.html

BR,
NR

--- End quote ---

How can I redirect port 80 to 3128?
Do I need to disable rules from the OPNsense docs? Can redirection work while there is a block rule?

fabian:
The help Text of the transparent port contains a link to generate the rule.

nforce:

--- Quote from: fabian on January 18, 2020, 01:36:07 pm ---The help Text of the transparent port contains a link to generate the rule.

--- End quote ---

Sorry, I don't know what transparent proxy is, do I have to use it?

Edit: I set everything up but still can't connect when i enable firewall rules.

Edit2: Everything works except proxy bypass, urls in the list return access denied error.

Edit3: Download ACLs works only the first time for ut1. After first time i cannot fetch categories.

fabian:
Oh, I misread that. I thought you want a transparent proxy because I read redirect port 80 traffic. For non transparent you only need to open 3128 TCP and 53 UDP when using the default configuration. But then you have to configure it on each client and maybe for every single software or use another helper technique like WPAD/PAC which is still not supported everywhere.

OPSnewbie:
Late reply indeed, but I just came across this myself when playing with OPNSense and found the reason for mine not working after enabling the firewall block was that the rules that were created when enabling the transparent proxy didnt enable themselves by default. they were there, just not enabled. cheers,
 

Navigation

[0] Message Index

[*] Previous page

Go to full version