when i use socks5 client on my pc to
connect to squid proxy on centos , i can tunnel RDP
traffic using squid .
I’m unable to use RDP using proxy .
MY CACHE PEER proxy is 10.12.0.32 , if i
use it directly i can use RDP.
but RDP from pfsense always forbidden and
i already allowed rdp port in the ports in pfsense
squid config .!
i will paste my squid config below and the
error i face when i try .
2016/04/11
09:25:53| Startup: Initializing Authentication
Schemes ...
2016/04/11
09:25:53| Startup: Initialized Authentication Scheme
'basic'
2016/04/11
09:25:53| Startup: Initialized Authentication Scheme
'digest'
2016/04/11
09:25:53| Startup: Initialized Authentication Scheme
'negotiate'
2016/04/11
09:25:53| Startup: Initialized Authentication Scheme
'ntlm'
2016/04/11
09:25:53| Startup: Initialized Authentication.
2016/04/11
09:25:53| Processing Configuration File:
/usr/local/etc/squid/squid.conf (depth 0)
2016/04/11
09:25:53| Processing: http_port 10.12.140.254:8080
2016/04/11
09:25:53| Processing: http_port 127.0.0.1:8080
2016/04/11
09:25:53| Processing: icp_port 0
2016/04/11
09:25:53| Processing: dns_v4_first off
2016/04/11
09:25:53| Processing: pid_filename
/var/run/squid/squid.pid
2016/04/11
09:25:53| Processing: cache_effective_user proxy
2016/04/11
09:25:53| Processing: cache_effective_group proxy
2016/04/11
09:25:53| Processing: error_default_language en
2016/04/11
09:25:53| Processing: icon_directory
/usr/pbi/squid-amd64/local/etc/squid/icons
2016/04/11
09:25:53| Processing: visible_hostname mpwh
2016/04/11
09:25:53| Processing: cache_mgr admin@localhost
2016/04/11
09:25:53| Processing: access_log
/var/squid/logs/access.log
2016/04/11
09:25:53| Processing: cache_log
/var/squid/logs/cache.log
2016/04/11
09:25:53| Processing: cache_store_log none
2016/04/11
09:25:53| Processing: netdb_filename
/var/squid/logs/netdb.state
2016/04/11
09:25:53| Processing: pinger_enable on
2016/04/11
09:25:53| Processing: pinger_program
/usr/pbi/squid-amd64/local/libexec/squid/pinger
2016/04/11
09:25:53| Processing: logfile_rotate 0
2016/04/11
09:25:53| Processing: debug_options rotate=0
2016/04/11
09:25:53| Processing: shutdown_lifetime 3 seconds
2016/04/11
09:25:53| Processing: acl localnet src
10.12.140.0/24 127.0.0.0/8
2016/04/11
09:25:53| Processing: forwarded_for on
2016/04/11
09:25:53| Processing: uri_whitespace strip
2016/04/11
09:25:53| Processing: acl dynamic urlpath_regex
cgi-bin \?
2016/04/11
09:25:53| Processing: cache deny dynamic
2016/04/11
09:25:53| Processing: cache_mem 64 MB
2016/04/11
09:25:53| Processing: maximum_object_size_in_memory
256 KB
2016/04/11
09:25:53| Processing: memory_replacement_policy heap
GDSF
2016/04/11
09:25:53| Processing: cache_replacement_policy heap
LFUDA
2016/04/11
09:25:53| Processing: minimum_object_size 0 KB
2016/04/11
09:25:53| Processing: maximum_object_size 4 MB
2016/04/11
09:25:53| Processing: cache_dir ufs /var/squid/cache
100 16 256
2016/04/11
09:25:53| Processing: offline_mode off
2016/04/11
09:25:53| Processing: cache_swap_low 90
2016/04/11
09:25:53| Processing: cache_swap_high 95
2016/04/11
09:25:53| Processing: cache allow all
2016/04/11
09:25:53| Processing: refresh_pattern ^ftp: 1440
20% 10080
2016/04/11
09:25:53| Processing: refresh_pattern ^gopher:
1440 0% 1440
2016/04/11
09:25:53| Processing: refresh_pattern -i
(/cgi-bin/|\?) 0 0% 0
2016/04/11
09:25:53| Processing: refresh_pattern . 0 20%
4320
2016/04/11
09:25:53| Processing: acl allsrc src all
2016/04/11
09:25:53| Processing: acl safeports port 3389 21 70
80 210 280 443 488 563 591 631 777 901 8080 3129
1025-65535
2016/04/11
09:25:53| Processing: acl sslports port 443 563
2016/04/11
09:25:53| Processing: acl safeports port 3389 12345
2016/04/11
09:25:53| Processing: acl purge method PURGE
2016/04/11
09:25:53| Processing: acl connect method CONNECT
2016/04/11
09:25:53| Processing: acl HTTP proto HTTP
2016/04/11
09:25:53| Processing: acl HTTPS proto HTTPS
2016/04/11
09:25:53| Processing: http_access allow manager
localhost
2016/04/11
09:25:53| Processing: http_access deny manager
2016/04/11
09:25:53| Processing: http_access allow purge
localhost
2016/04/11
09:25:53| Processing: http_access deny purge
2016/04/11
09:25:53| Processing: http_access deny !safeports
2016/04/11
09:25:53| Processing: http_access deny CONNECT
!sslports
2016/04/11
09:25:53| Processing: request_body_max_size 0 KB
2016/04/11
09:25:53| Processing: delay_pools 1
2016/04/11
09:25:53| Processing: delay_class 1 2
2016/04/11
09:25:53| Processing: delay_parameters 1 -1/-1 -1/-1
2016/04/11
09:25:53| Processing: delay_initial_bucket_level 100
2016/04/11
09:25:53| Processing: delay_access 1 allow allsrc
2016/04/11
09:25:53| Processing: acl rdp dat XXXX.XX.70.0/24
2016/04/11
09:25:53| Processing: http_access allow rdp
2016/04/11
09:25:53| Processing: dns_nameservers 8.8.8.8
10.12.0.33
2016/04/11
09:25:53| Processing: never_direct allow all
2016/04/11
09:25:53| Processing: cache_peer 10.12.0.32 parent
80 0 no-query no-digest default
2016/04/11
09:25:53| Processing: http_access allow localnet
2016/04/11
09:25:53| Processing: http_access deny allsrc
2016/04/11
09:25:53| Initializing https proxy context