hi,
I have been using past one month NS firewall with proxy, we enable the web content filter and block some websites, we open http’s sets its getting long time to open in browser. I tried two different browsers to open, but the same problem.
do you use transparent, manual or authenticated proxy?
Which blacklist do you use?
Do you have an example https page that is slow?
Are there errors in the logfiles /var/log/messages or /var/log/squid/access.log ?
We are using authentication mode in proxy and proxy joined in domain controller, We create custom categories and block Facebook and YouTube for particular user group.
Is your hardware strong enough? Maybe wrong credentials? Which clients (browsers) connect to your NethServer and how did you setup their proxy? You may try using IP or FQDN in the proxy settings on the clients.
The proxy server setting in the browser using FQDN only, we create a group in domain controller and add some users to that group, the proxy uses the system login credentials for that group user login.
When I use IP address in the proxy settings, the browser (chrome) getting login prompt again and again after we enter login credentials.
I don’t know to solve this problem.
In Firefox the proxy working normal, with manual proxy its working no problem, the only problem in authentication mode. Our Senior manager needs only authentication mode because of blocking some websites,
I disable antivirus in the proxy server, also use google domains in whitelist and domain without proxy, but I didn’t see any difference
Yes, Nethserver as DHCP Server, enable DHCP in Green zone (local LAN) and we use one of our ISP provider DNS server and our domain controller as another DNS Server.
It seems like you are not using proxy authentication mode. Usually you should see the usernames in the access log.
Another point is that you have one internal and one external DNS for your clients. This means that they may give back different results. Your internal DNS knows your domain, the external doesn’t. You may try to use just the internal DNS of your domain controller.
There is a username in access.log, you can recheck again, once we enter our system the login credentials take it as proxy authentication. because we joined into domain controller.