Re: [pfSense] Transparent Squid with Multiwan on 2.1.3?
ok I've managed to get it working. The problem was that except from 2 Gateways I had also defined 2 additional gateways (not for internet) and associated static routes to them. Deleting and putting them below wan1 and wan2 did the trick. thank you for your help! Yannis Sent by mobile On Aug 2, 2014 10:46 PM, compdoc comp...@hotrodpc.com wrote: With Squid disabled, fail over works as expected. In the lab I created to test this machine, I have squid with havp set to transparent. Also have snort. I don’t use squidguard. If I disconnect wan #1, most browsers will time out. But I can often just refresh to get them going again. Squid never complains. There are a couple of remote clients and programs that have to be closed and then opened again after the gateway fails. (maybe because they cache something?) I'm pretty happy with it. (49) Can't assign requested address What is your client connecting to? Is it some sort of secure remote session? A disconnect cannot be avoided with any type of secure connection. You're changing external ip addresses when it falls over, after all. Are you able to recover normal connections to google or youtube, etc.? Close the browser and try again after waiting for the switch to happen. There are settings for how long it takes pfSense to decide a gateway is down, and how it determines its down. I use just 'packet loss'. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Transparent Squid with Multiwan on 2.1.3?
With Squid disabled, fail over works as expected. In the lab I created to test this machine, I have squid with havp set to transparent. Also have snort. I don’t use squidguard. If I disconnect wan #1, most browsers will time out. But I can often just refresh to get them going again. Squid never complains. There are a couple of remote clients and programs that have to be closed and then opened again after the gateway fails. (maybe because they cache something?) I'm pretty happy with it. (49) Can't assign requested address What is your client connecting to? Is it some sort of secure remote session? A disconnect cannot be avoided with any type of secure connection. You're changing external ip addresses when it falls over, after all. Are you able to recover normal connections to google or youtube, etc.? Close the browser and try again after waiting for the switch to happen. There are settings for how long it takes pfSense to decide a gateway is down, and how it determines its down. I use just 'packet loss'. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] Transparent Squid with Multiwan on 2.1.3?
Hello, I have pfSense 2.1.3 with 2 Wan links + 1 Lan. I have squid+squidguard packages installed. Squid is working in transparent mode. Is there a way to make Squid redirect http connections on Wan2 in case Wan1 is down? I am mainly interested in failover and not so in loadbalancing http connections. thank you Yannis ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Transparent Squid with Multiwan on 2.1.3?
On 1 August 2014 8:00:54 pm IST, compdoc comp...@hotrodpc.com wrote: Is there a way to make Squid redirect http connections on Wan2 in case Wan1 is down? It is simple. Squid sends traffic through the default gateway without any specific configuration. Just enable 'Default Gateway Switching' in System - Advanced Settings and you are good to go. Regards, Nishant -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] Transparent Squid with Multiwan on 2.1.3?
Tried that option but it does not seem to work. When I disconnect wan1 I get the following error on clients browser: Connection to Failed The system returned: (49) Can't assign requested address With Squid disabled, fail over works as expected. Maybe Squid is using a different mechanism to handle gateways? I read different kinds of posts on forum about this issue. There are people suggesting creating Floating rules, inserting tcp_outgoing_address 127.0.0.1 on Squid configuration, but none of them seem to work. Yannis Milios Systems Administrator Mob. +30 6932-657-029 Tel. +30 211-800-1230 E-mail. yannis.mil...@gmail.com On Fri, Aug 1, 2014 at 5:48 PM, Nishant Sharma codemarau...@gmail.com wrote: On 1 August 2014 8:00:54 pm IST, compdoc comp...@hotrodpc.com wrote: Is there a way to make Squid redirect http connections on Wan2 in case Wan1 is down? It is simple. Squid sends traffic through the default gateway without any specific configuration. Just enable 'Default Gateway Switching' in System - Advanced Settings and you are good to go. Regards, Nishant -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list