It can be done, although not if the proxy machine is inside your LAN.
It would need to live on a separate network segment (ie: DMZ). In this
case, yes, its possible to redirect outbound traffic for TCP 80 to the
proxy machine, do your content filtering and pass it on. You cannot
transparently proxy SSL traffic in this manner however due to the fact
that the streams are encrypted.
-Gary
Vaughn L. Reid III wrote:
Hello, I have a policy routing and re-direct question.
Is it possible in PFSense to do something like the following:
A request comes to PFSense on the internal LAN interface on port 80 or
port 443. Instead of passing this out WAN to the Internet, can the
traffic, instead, be re-directed to a different port number of another
internal machine (e.g. a proxy server or content filter)?
Ascii art example:
LAN Network Workstation port 80 or 443 request --> PFSense LAN
interface --> internal PFSense rules, etc --> re-direct back out
interface to 2nd Internal network machine which would then either
serve the content or fetch it from the Internet
I'm asking this to see if it is feasible to set up a traditional proxy
server/content filter in a way to avoid having to configure proxy
settings on each client machine. I'm also wanting to keep the
proxying and content filtering off of the gateway routers. If it
would make things easier, the 2nd machine could live on a different
PFSense interface.
Thanks for your help.
Vaughn Reid III
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https://portal.pfsense.org
!DSPAM:4936b04415805038518620!
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Commercial support available - https://portal.pfsense.org
