Scribd Logo
Upload

Welcome to Scribd!

  • PFSENSE How To Configure Squid (15022018)

    Uploaded by

    getiva
    19 views37 pages

    Original Title

    PFSENSE How to Configure Squid (15022018)

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    19 views37 pages

    PFSENSE How To Configure Squid (15022018)

    Uploaded by

    getiva

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 37

    PFSENSE

    Install PFSense V2.3.2


    1. Insert the installation CD of PFSense
    2. Select Option ---> 6

    3. Press I to start installation

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    4. In the configure console select option
     Accept these setting

    5. In Select task option select option


     Quick / Easy Installer and press Ok.

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    6. In install Kernal Option
     Select the Standard Kernal

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    7. Reboot

    8. After Reboot Configure Network


     Select No option for “Do you want to configure VLAN (Y/N):” N

    9. Select the network card for WAN: – hn0


    10. Select the network card for LAN: – hn1
    Select Yes option for “Do you want to proceed (Y/N):” yes

    11. Configure the LAN / WAN IP address


     Select option (1) Assign Interfaces
     Assign WAN IP address on hn0
     Assign LAN IP address on hn1
     Set the web configurator option to “yes”.
     Web Console will be enabled on LAN IP Address (http://172.16.100.50) by default
     Select option (7) Ping host to test network connectivity of LAN and WAN

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    12. Now Access PFSense through Web Console i.e (http://172.16.100.50)
     Default user: Admin
     Default password: pfsense
    13. System--> Setup Wizard
     Press Next --> Set Hostname--> (PFSenseFirewall)--> Domain Name --> (nuisb.edu.pk)-->
    Primary DNS Server -->(221.132.112.8) --> Secondary DNS Server -->(221.132.112.9)
     --> check the override DNS option --> Press Next
     Keep the other options as defaults
     Set WAN IP/Gateway Address
     Set LAN IP /Gateway Address
     Set admin password
     Reload

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    14. Enable https on PFSense and TCP Port (Mention Port# 2048 in TCP port option)

    System -->Advanced --> Admin Access

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    15. Enable SSH
    System -->Advanced --> Admin Access --> Check Enable SSH and set SSH port

    16. Set DNS Server


    System > Routing > Gateways --> Add LAN and WAN Gateway and Monitor IPs

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Configure DNS and Gateway (WAN / LAN)
    System > General Setup -->

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Ping to WAN / LAN IP
    Diagnostic >Ping >Host Name>IP

    Install the PFSense System update


    System > Update > System Update

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Install the required Packages
    System > Package Manager > Available Packages
     Squid (High Performance Proxy Services)
     Squid Guard (High performance web proxy URL filter)
     Light Squid (LightSquid is a high performance web proxy reporting tool)

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    Now Configure Squid
     Check to enable the squid proxy
     Change Proxy port to: 8080

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    Clear the Local Cache
    Package ---> Proxy Server: Cache Management ---> Local Cache

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    Press the Clear Disk Cache Now button

    Check to Enable the Squid Proxy

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Enable Logging

    Squid conf file in pfsense /usr/local/etc/squid/squid.conf

    Enable Antivirus

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Package --> Proxy Server: Access Control --> ACLs
    Mention the Allowed Subnet Mask, Unrestricted IP, Banned host address and etc as per requirements

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    Now Add Allowed subnets and ACLs

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Update the Proxy Server: Traffic Management Traffic Mgmt

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    To Add VLAN Route in PFsense

    System --> Routing

    System --> Routing--> Gateways

    Add Local Gateway

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    System --> Routing--> Gateways

    Add static route of VLAN

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    After this all, squid proxy services will be available for all VLANs.

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    How to Add Firewall Rules

    https://www.erickscottjohnson.com/blog/pfsense-part-3-allowing-and-blocking-individual-websites

    Firewall --> Alias -- > IP

    Firewall --> Alias -- > Edit

    To add Rule (Press Add Button)

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk
    How to install squidguard

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    How Configure Bandwidth Shaper

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Now add VLANs.
    Go to the Interfaces --> (assign) --> VLANs --> Add
    Parenet Interface --> Select LAN --> VLAN Tag (Mention Tag Name e.g 10) --> Description (e. VLAN10)

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    Now Add Interfaces through Interfaces/Assignments
    Add all VLAN interfaces

    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk


    For suggestion and improvement feel free to contact. qasim.mehmood@nu.edu.pk

    You might also like