Transparent proxy with ssl (NS7) solved

NethServer Version: 7.3.1611
Module: web proxy

I set up a transparent proxy with ssl. There was a problem. No access to facebook.com
Web filter is disabled.

Do you see host header forgery?

Do not use 8.8.8.8 as DNS and make sure the client DNS is NethServer.
http://wiki.squid-cache.org/KnowledgeBase/HostHeaderForgery

No. No warnings or errors appear. (an not access site
The response time from the site www.facebook.com has been exceeded.
Try the following:
Check your Internet connection.
Check the proxy server and firewall settings.
Perform Network Diagnostics in Windows
ERR_TIMED_OUT)

The site simply does not open. Other https sites are working fine (gmail, google, yandex).
Also does not open the site microsoft.com

The problem is solved. The problem was in the local network dns (windows server). NS was not used in the DNS role.

I try to install NS7_up1. Configuration - Network - Configure DNS servers - Primary DNS 8.8.8.8 Secondary DNS 8.8.4.4
Gateway - Web proxy - Enable proxy - Transparent -
Internet works, all sites are opened.

Gateway - Web proxy - Enable proxy - Transparent with SSL + Block HTTP and HTTPS ports
Sites are opened, but there is no web access to gmail mail. If you use Thunderbird, the mail works. Google.com opens. Gmail.com no.

In the local DNS network - DHCP windows server 2016. ip 192.168.1.4
P.S.
If you use DNS as a DNS and DHCP server, the NS7 problem remains.

Help to solve the problem.

Block ports only if not using Transparent.

1 Like

I only enabled Transparent with SSL
does not work
Https://news.google.com
Https://mail.google.com
Https://translate.google.com

working
Https://plus.google.com
Https://www.youtube.com
Https://www.google.com/maps
Https://play.google.com

P.S.
The problem was in Hyper-v.
After installing on a real computer, Transparent with SSL works.