I have a strange issue where it seems accessing the WUI on 444 is going through squid.
I do not have port 444 as an allowed port in web proxy settings. However, I block all traffic from FORWARDFW out, simulating an “INTERNET KILL SCENARIO”, and I do the same for OUTGOINGFW, but above the kill rule I create rules that allow 444 out to BLUE and GREEN. I also ensure that GREEN and BLUE can INPUTFW 444.
When I enable these rules and my MacBook is using the squid proxy, it seems to try to use the proxy to access the WUI and gets blocked. If I disable the squid proxy settings on my MacBook, I am able to access the WUI (and internet traffic remains killed as expected). I have checked that my .pac file states that the BLUE and GREEN subnets should be excluded from proxying, and also set this manually in my proxy settings, to no avail. I have to disable the proxy on my MacBook to access the WUI. This does not seem right. Why would it be communicating to a local address on 444 through Squid?
Also, to confirm that accessing the WUI is going through squid: when I told URLFilter to block access to a site referenced by its IP, it was previously blocking access to the WUI (as I access it by IP), so I had to add it as an exemption in URLFilter. So I do not understand why this port 444 traffic is going through squid; 444 is not even an allowed port (or maybe this is the problem, maybe I need to allow 444 through squid?). But if I do that, that's a band-aid fix, as it means that my client devices (iPhone and MacBook) are ignoring the local subnet proxy exemptions and using squid anyway. I highly doubt that, however, so is there something trying to funnel all traffic to squid regardless? I have transparent proxy turned off.
Even weirder, I’m not seeing any logs that are telling me why my access to the WUI is blocked. No proxy, URLFilter, Firewall, or squid logs. All I know is that if I tell my client PC to ignore the squid proxy then it works; if I let my device auto-configure the proxy, or manually configure the proxy, I lose access to the WUI.
I can ssh on 222 no problem, but ssh won’t use the HTTP proxy anyway, right?
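
An added example, not part of the original post: a way to check offline what a PAC file with local-subnet exclusions returns for the WUI URL on port 444. The subnets, firewall address and proxy port are constructed placeholders, and `isInNet` is a minimal stand-in for the browser's PAC helper.

```javascript
// Constructed values (assumptions, not from the post):
// GREEN 192.168.1.0/24, BLUE 192.168.2.0/24, proxy at 192.168.1.1:800.
var LOCAL_NETS = [
  ["192.168.1.0", "255.255.255.0"], // GREEN
  ["192.168.2.0", "255.255.255.0"]  // BLUE
];
var PROXY = "PROXY 192.168.1.1:800";

// Convert a dotted-quad IPv4 literal to an unsigned integer, or null.
function ipToInt(ip) {
  var parts = ip.split(".");
  if (parts.length !== 4) return null;
  var n = 0;
  for (var i = 0; i < 4; i++) {
    if (!/^\d{1,3}$/.test(parts[i]) || Number(parts[i]) > 255) return null;
    n = n * 256 + Number(parts[i]);
  }
  return n;
}

// Stand-in for the PAC helper isInNet(); IPv4 literals only.
// A real browser also resolves hostnames here; this harness does not.
function isInNet(host, net, mask) {
  var h = ipToInt(host), n = ipToInt(net), m = ipToInt(mask);
  if (h === null || n === null || m === null) return false;
  return ((h & m) >>> 0) === ((n & m) >>> 0);
}

// PAC entry point. `host` never includes the port, so the :444 in the
// WUI URL plays no part in the subnet match.
function FindProxyForURL(url, host) {
  for (var i = 0; i < LOCAL_NETS.length; i++) {
    if (isInNet(host, LOCAL_NETS[i][0], LOCAL_NETS[i][1])) return "DIRECT";
  }
  return PROXY;
}

// Evaluate the PAC for a URL the way a browser would call it.
function decide(url) {
  return FindProxyForURL(url, new URL(url).hostname);
}

console.log(decide("https://192.168.1.1:444/")); // WUI by IP on GREEN
console.log(decide("https://example.com/"));     // external site
```

Substitute the real subnets and the body of your own `FindProxyForURL` to see which branch the WUI address takes.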