Netgate SG-1000 microFirewall

Author Topic: [SOLVED] nosslsearch.google.com + squid + MultiWAN + ISP transparent proxy  (Read 2127 times)

0 Members and 1 Guest are viewing this topic.

Offline bellera

  • Hero Member
  • *****
  • Posts: 5569
  • Karma: +117/-51
    • View Profile
Scenario

pSense1 2.1 32 bit nano
* 3 WAN from differents ISP
* One link has ISP transparent proxy
* Outgoing balancer (gateway grouping)
* 1 LAN

pfSense2 2.1 64 bit
* 1 WAN to pfSense1
* 4 LAN (DMZ, Users, WiFi1, WiFi2)
* squid3-dev + squidGuard-squid3 working at 4 LAN
* proxy.pac for each LAN, http://forum.pfsense.org/index.php?topic=74353.msg406579#msg406579

Local DNS (FreeBSD server + pfSense)
SSL disabled for www.google.com, www.google.cat and www.google.es
nosslsearch.google.com records at local DNS
http://linuxcentre.net/wiki/index.php/Web_Content_Filtering#The_Google_SSL_Search_problem_and_Google_Apps_for_Education

Problems if using ISP with transparent proxy
Login at GoogleApps Services sometimes failing
Google Calendar not apperaring, http://www.squid-cache.org/mail-archive/squid-users/201203/0601.html
Slow (or not response) when using Google searches. Users switching to Bing  ???

Solution
Just policy routing (LAN Rule specifying Gateway) at pfSense1 (outgoing balancer) 216.239.32.20 (nosslsearch.google.com) to other ISP not having (problematic) transparent proxy.

Note
At home I have another ISP with transparent proxy. I have a user WebGUI administration to turn on/off the service and configure my exceptions. I haven't any trouble with it. So, not all transparent proxies are problematic for nosslsearch.google.com

« Last Edit: April 02, 2014, 03:30:05 am by bellera »