On 6/30/2010 4:00 PM, Luke Jaeger wrote: > I decided to enable transparent proxy on my school firewall because I > was getting a million requests a day to configure proxy settings on > student laptops. > > But now that I turned on transparent proxy, students have discovered > that they can get to banned sites (like facebook) via https. > http://www.facebook.com is blocked but https://www.facebook.com still > works. > > Can someone let me know how to block these? I understand I have to deny > the 'connect method' but don't see where to do this. Can this only be > done in command line?
You cannot transparently proxy SSL connections. You would have to deny outbound access to port 443 and if they want SSL, they must configure the proxy settings into their browser(s) either by hand or automatically with something like WPAD. Jim --------------------------------------------------------------------- To unsubscribe, e-mail: support-unsubscr...@pfsense.com For additional commands, e-mail: support-h...@pfsense.com Commercial support available - https://portal.pfsense.org