Fusion360 with Squid proxy

Hi all, sorry I am quite new to ipfire and not experienced much with firewalls.
I have squid proxy in non transparent mode and a rule to block port 80/81/443 from source blue to destination red. Web-browsing is working over the proxy-port.
But when I start fusion360 CAD it will not open and I have a blocked connection on 443 (see log pic).
What rule would you advice me to put in place to mitigate this.
Thanks
mat

What client OS are you using? Is the proxy defined system wide? Maybe Fusion360 is not using the configured proxy?

If Fusion can’t be convinced to use the proxy, one solution could be to allow one by one connection in the ruleset, and see if Fusion starts working again. (The cloud-forcing thing of Fusion is pretty bad, from my perspective, but I like using it too)
wiesel

I am using Win10. I tried setting the proxy in fusion and it worked until I started it the next time.
Could you give me more details on how to set up a one by one connection ruleset?
thanks for the fast reply
mat

Like you did with the block rules, you just add allow rules above the block rules, with specific source, destination and port. So as an example: Source: 192.168.72.101 Destination: ui-dls360.autodesk.com Port: 443. It should be working with the hostname as destination, but I’m not 100% sure (And my IPFire is currently not working to be able to check …).

Hi,

hm, the log screenshot shipped you posted looks like at least the application is trying to access these FQDNs via the proxy. Otherwise, the proxy logs would be empty completely.

Could you post a screenshot of your proxy configuration please? Also, are you able to access any FQDN successfully via the proxy (to rule out a more general issue)?

Thanks, and best regards,
Peter Müller

Thanks for your reply, yes I can access FQDN via proxy.
I have no other issues beside starting fusion360 at the moment…
Best regards
Mat

Hi,

your proxy configuration looks fine to me.

At the moment, I have no idea other than intercepting all traffic between the client running that application, and IPFire’s proxy port. You can do so by installing the tcpdump add-on, capture the traffic and write it to a file (by using the -w option of tcpdump), and load the file into Wireshark or something similar.

If necessary, feel free to DM the file to me, and I can have a look at this traffic as well.

Thanks, and best regards,
Peter Müller

Hi
Sorry for being clumsy but I dont’ see how I can DM you. I see no letter in your avatar to click on…
Could my problem be related to the DNS?

Many thanks
Mat

5 posts were split to a new topic: Cannot send DM / PM

Hi Peter, I status was moved to basic user but I am still not able to DM you.
I can DM most others in Cannot send DM / PM though.