Authenticating Squid Package Users with FreeRADIUS¶
Using the Squid Proxy package with the FreeRADIUS 2.x package.
Squid provides the possibility to ask for a username and password for users who want to connect the internt through squid proxy. This works only if squid is running in non-transparent mode.
Disable transparent mode in Proxy Server > General
Enable RADIUS as authentication method in Proxy Server > Auth Settings
Configure an interface in FreeRADIUS > Interfaces
Configure a user in FreeRADIUS > Users
Configure a NAS/Client in FreeRADIUS > NAS/Clients. In this case pfSense itself is the NAS/Client. So enter the pfSense IP-Address.
For squid in non-transparent mode the IP address and the squid port must be entered on the host’s browser. When a user connects to the Internet through the proxy then the browser will present a login window where the user has to enter username and password.