diff --git a/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml b/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml index e4c60526b..04ed49166 100644 --- a/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml +++ b/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml @@ -205,6 +205,42 @@ + + + proxy.general.parentproxy.enabled + + checkbox + Enable parent proxy feature + + + proxy.general.parentproxy.host + + text + Parent proxy IP address or hostname. + + + proxy.general.parentproxy.port + + text + Parent proxy port. + + + proxy.general.parentproxy.localdomains + + select_multiple + + true + List of domains not to be sent via parent proxy. + + + proxy.general.parentproxy.localips + + select_multiple + + true + List of IP addresses not to be sent via parent proxy. + + diff --git a/src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml b/src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml index 96345a8dc..bf27912cd 100644 --- a/src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml +++ b/src/opnsense/mvc/app/models/OPNsense/Proxy/Proxy.xml @@ -1,6 +1,6 @@ //OPNsense/proxy - 1.0.1 + 1.0.2 (squid) proxy settings @@ -182,6 +182,42 @@ + + + 0 + Y + + + N + + + A host must be set. + DependConstraint + + enabled + + + + + + N + + + A port must be set. + DependConstraint + + enabled + + + + + + N + + + N + + diff --git a/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS b/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS index f2c630673..43b0076a8 100644 --- a/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS +++ b/src/opnsense/service/templates/OPNsense/Proxy/+TARGETS 
@@ -4,6 +4,7 @@ cache.active:/var/squid/cache/active
 externalACLs.conf:/usr/local/etc/squid/externalACLs.conf
 newsyslog.conf:/etc/newsyslog.conf.d/squid
 nobumpsites.acl:/usr/local/etc/squid/nobumpsites.acl
+parentproxy.conf:/usr/local/etc/squid/pre-auth/parentproxy.conf
 post-auth.conf:/usr/local/etc/squid/post-auth/dummy.conf
 pre-auth.conf:/usr/local/etc/squid/pre-auth/dummy.conf
 rc.conf.d:/etc/rc.conf.d/squid/squid
diff --git a/src/opnsense/service/templates/OPNsense/Proxy/parentproxy.conf b/src/opnsense/service/templates/OPNsense/Proxy/parentproxy.conf
new file mode 100644
index 000000000..68db3dc14
--- /dev/null
+++ b/src/opnsense/service/templates/OPNsense/Proxy/parentproxy.conf
@@ -0,0 +1,23 @@
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.enabled') and OPNsense.proxy.general.parentproxy.enabled == '1' %}
+cache_peer {{ OPNsense.proxy.general.parentproxy.host }} parent {{ OPNsense.proxy.general.parentproxy.port }} 0 no-query default
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
+acl ExcludePPDomains dstdomain {{ OPNsense.proxy.general.parentproxy.localdomains.replace(',', ' ') }}
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
+acl ExcludePPIPs dst {{ OPNsense.proxy.general.parentproxy.localips.replace(',', ' ') }}
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
+cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} deny ExcludePPDomains
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
+cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} deny ExcludePPIPs
+{% endif %}
+cache_peer_access {{ OPNsense.proxy.general.parentproxy.host }} allow all
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localdomains') and OPNsense.proxy.general.parentproxy.localdomains != '' %}
+never_direct deny ExcludePPDomains
+{% endif %}
+{% if helpers.exists('OPNsense.proxy.general.parentproxy.localips') and OPNsense.proxy.general.parentproxy.localips != '' %}
+never_direct deny ExcludePPIPs
+{% endif %}
+never_direct allow all
+{% endif %}
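Review bot: The `ExcludePPIPs` ACL is of type `dst`, which Squid documents as a slow ACL, yet it is used in `cache_peer_access`, which Squid documents as evaluating fast ACL types only; when the destination address is not already resolved, `deny ExcludePPIPs` may fail to match and requests for addresses meant to stay local could be forwarded to the parent proxy. Consider expressing the bypass explicitly with `always_direct allow ExcludePPIPs` (and likewise for `ExcludePPDomains`), since `always_direct` accepts slow ACLs, and confirm the behaviour against the Squid version shipped. Separately, `host`, `port` and the two comma-separated lists are written into the generated squid configuration verbatim; the model's field types are not readable on this page, so confirm they reject whitespace and line breaks so that a saved value cannot contribute extra tokens or directives to the file.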