Hi Jim ! For OpenVPN you mean assign the OpenVPN as a interface under interfaces -> assign ? Sounds reasonable...
But how would I do such a port forward inbound ? I tried to setup a NAT rule "from IPSec to any dst tcp 80 forward to 127.0.0.1:3128" but it seemed it did not work (but perhaps I missed sth...) But that would be the right way, correct ? Regards, martin -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Im Auftrag von Jim Pingle Gesendet: Donnerstag, 2. Februar 2012 16:24 An: pfSense support and discussion Betreff: Re: [pfSense] squid over ipsec dial-in On 2/2/2012 9:58 AM, Fuchs, Martin wrote: > I have a few clients (mobile phones) that connect via corporate data > access (IPSec tunnel from the provider to our pfSense cluster) to the > internet. > > We have squid here in transparent mode and it seems as if the > connected clients cannot access http through squid. > > I have already added the remote subnet to the allowed subnets in squid. > > There is no IPSec interface I can choose from, because it’s not > physical, but is it possible for ipsec or openvpn clients to browse > the web through squid ? That would require doing a port forward inbound on the IPsec interface to redirect any:80 to localhost:squid_port. I'm not sure that will work on the IPsec interface or not, but you might try it. > Does anyone have it working ? Probably not with IPsec, but it would work fine with OpenVPN if you assigned the VPN server interface. Jim _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
