Re: [pfSense] About SSL Filtering: Squid and Squidguard.

Hi Volker and thanks for your guidance. I'm trying to avoid "MITM filtering" and Transparent-mode. I've read there are problems with MITM when clients access bank sites. As you said, keep the proxy and firewall separated is a better choice. These service must be 100% controlled and sometimes

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

On Tue 09 May 2017 23:14:37 NZST +1200, José Gregorio Díaz Unda wrote: > It looks like I should use PFS only as a firewall and DNS resolver, and > setup independently DHCP and Squid. The DHCP server in pfsense is very good. With squid and squidguard I am less than impressed. It is more secure to

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

Hi WebDawg, Yes, I did. In fact, I found it was required to create a couple o firewall rules, based on this info How to Block QUIC Protocol : 1. Protocol: IPv4 UDP; Source: *; Port: *;

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

On Mon, May 8, 2017 at 6:58 PM, José Gregorio Díaz Unda < jgdiazu...@asyste.cl> wrote: > Update: > > Before I left the office, decided to test from another laptop. > Unfortunately, I was able to access YouTube. > > Why some machines access YouTube and others apparently are blocked? > > What could

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

Hi Vollmer, Thank you so much for taking time to share your ideas. As I can see, PFS offers an intuitive web interface, but SSL filtering features Mia be configured in a specific mode. It looks like I should use PFS only as a firewall and DNS resolver, and setup independently DHCP and Squid.

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

On Tue 09 May 2017 03:34:06 NZST +1200, José Gregorio Díaz Unda wrote: > Has somebody setup well SSL Filtering in PFSense? Yes, or at least I tried to. Because there are substantial problems with MITM methods I tried simpler URL filtering. It looks like that'd be sufficient for you. Configure

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

Update: Before I left the office, decided to test from another laptop. Unfortunately, I was able to access YouTube. Why some machines access YouTube and others apparently are blocked? What could I be missing? Thanks in advance. José G. On Mon, May 8, 2017 at 7:20 PM José Gregorio Díaz

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

Hi Web and thanks for your help, Recently I've updated to: *2.3.4-RELEASE (i386) * *built on Wed May 03 15:22:11 CDT 2017 * *FreeBSD 10.3-RELEASE-p19* And my packages for content cache/filtering: *squid 0.4.36_3* *squidGuard 1.16.2* I have selected *"Splice All"* for SSL/MITM Mode chich

Re: [pfSense] About SSL Filtering: Squid and Squidguard.

There are interception modes. Peek Peek and splice And bump. So sqid: I do not have it in front of me right now but it sounds like you do not have the SSL proxy setup right. Only one of those methods does not require a SSL cert to be installed on a client system. Also you have to deal with

[pfSense] About SSL Filtering: Squid and Squidguard.

Dear PFSense crew, I'm not sure if this is the right place to post my issue. If not, please let me know. Has somebody setup well SSL Filtering in PFSense? I have installed: PFSense 2.3.3_1 squid 0.4.36_3 squidGuard 1.16.1 Transparent Mode I just want to block Youtube (ssl) for certain group