CacheGuard Help

Is there a way to apply a URL list like "*.microsoft.com" to just be passed through, not proxied, guarded or ssl mediated?

Thanks for all the help.

So yes, next step SSL Mediation then HA... COO approved purchase, so it's good to have a great forum here with staff replying promptly as documentation on the low side.

It actually works properly now... as follows


Workstation VLAN -> Office ASA -> pfSense Router (we have multiple WANs for backup) -> Fibre PTP -> CG -> ASA -> Internet

(CG is VLAN'd over the Fibre PTP as to bypass the ASA for the internal interface on CG)

Used to be a routing nightmare, but I've ...

Added the subnet to "Transparent Networks" under Network > Main Settings and that seemed to have done the trick.

Was checking logs on the pfSense and they're heading out to the CG. Which services need to be running on the CG.
Current output.
mode router on
mode dns on
mode dhcp off
mode snat off
mode firewall off
mode vlan off
mode ha off
mode qos off
mode ftppassive off
mode web on
mode tweb on
mode ...

Hi Charles,

No, I've ensured routing is good and can easily setup proxy to the CG's tcp/8080 from Firefox, but alas my pfSense rule just isn't hitting the CG.

pfSense Rule (on workstation interface)
Protocol: TCP/UDP
Source: Workstation IP (.13)
Port: *
Destination: group_Internet4 (an alias with ...

Thanks for the info. So far I have made the CG be independent of ASA at the DC as mentioned and put through a VLAN on the PTP. I'm able to ping and get to wadmin portal of the CG.

On the pfSense I've created the routing policy for all HTTP/S traffic to use the the CG as the gateway, but it is just ...

CG is at the DataCenter end, let's say IP is 192.168.253.21 and 192.168.254.21.

Forgot to mention, I'd obviously need to forward http/s traffic, not just tcp. I don't need to do SSL remediation, we just want to use cacheguard and blocklists for url guarding.

Here's a quick setup of our workstations VLAN and how it reaches the internet.

<(Workstation VLAN)> --- (Cisco ASA FW) --- (pfSense Router) -*-*- PTP Fibre to DC -*-*- (Cisco ASA Routing/FW) --- Internet
192.168.0.0/22 --- 192.168.0.1/192.168.255.2 --- 192.168.255.1/192.168.254.1 -*-*- 192.168.254 ...