I am trying to set up web proxy on my main gateway router. here is what I have so far. Then I set up a dst-nat rule in firewall to forward all requests coming in on my LAN port from port 80 to port 3128(proxy)

I fire it up and none of my clients can get to a webpage. The Clients counts up along with the requests, but the hits stays at 0 and so does the cache size. I turn it off and everything works again for my clients.

Any help would be appreciated.[/quote]

I am trying to set up web proxy on my main gateway router. here is what I have so far.

Code: Select all

[admin@MikroTik] ip web-proxy> print
                 enabled: no
             src-address: 0.0.0.0
                    port: 3128
                hostname: "proxy"
       transparent-proxy: yes
            parent-proxy: 0.0.0.0:0
     cache-administrator: "webmaster"
         max-object-size: 4096KiB
             cache-drive: system
          max-cache-size: 1048576KiB
      max-ram-cache-size: unlimited
                  status: stopped
      reserved-for-cache: 1048576KiB
  reserved-for-ram-cache: 354304KiB

Then I set up a dst-nat rule in firewall to forward all requests coming in on my LAN port from port 80 to port 3128(proxy)

I fire it up and none of my clients can get to a webpage. The Clients counts up along with the requests, but the hits stays at 0 and so does the cache size. I turn it off and everything works again for my clients.

Any help would be appreciated.

[/quote]

you must enable web-proxy

ip web-proxy set enabled=yes src-address=0.0.0.0 port=3128 hostname="" transparent-proxy=yes parent-proxy=0.0.0.0:0 \
cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system max-cache-size=unlimited \
max-ram-cache-size=unlimited

ip firewall nat add chain=dstnat in-interface=ether1 dst-port=80 \
\... protocol=tcp action=redirect to-ports=3128

I am trying to set up web proxy on my main gateway router. here is what I have so far.

Code: Select all

[admin@MikroTik] ip web-proxy> print
                 enabled: no
             src-address: 0.0.0.0
                    port: 3128
                hostname: "proxy"
       transparent-proxy: yes
            parent-proxy: 0.0.0.0:0
     cache-administrator: "webmaster"
         max-object-size: 4096KiB
             cache-drive: system
          max-cache-size: 1048576KiB
      max-ram-cache-size: unlimited
                  status: stopped
      reserved-for-cache: 1048576KiB
  reserved-for-ram-cache: 354304KiB

Then I set up a dst-nat rule in firewall to forward all requests coming in on my LAN port from port 80 to port 3128(proxy)

I fire it up and none of my clients can get to a webpage. The Clients counts up along with the requests, but the hits stays at 0 and so does the cache size. I turn it off and everything works again for my clients.

Any help would be appreciated.

[/quote]

you must enable web-proxy

ip web-proxy set enabled=yes src-address=0.0.0.0 port=3128 hostname="" transparent-proxy=yes parent-proxy=0.0.0.0:0 \
cache-administrator="webmaster" max-object-size=4096KiB cache-drive=system max-cache-size=unlimited \
max-ram-cache-size=unlimited

ip firewall nat add chain=dstnat in-interface=ether1 dst-port=80 \
\... protocol=tcp action=redirect to-ports=3128

hope this help

Sorry it is enabled when I try and run it. and the dst-nat is set to ether 2 which is my LAN side. BTW i don't use any masqurade rules. And proxy arp is on on both interfaces.

see this: 172.16.0.0/21 is my network

Tried to add those rules..... still just counts up requests and clients. It's like it doesn't go and get the webpages to give to them. Does it have something to do with proxy arp being on on ether1 and ether2? i think I have to have them on because my ether1 and ether2 are public addresses as well as everything inside my network. ???

Anyone???

Noone has any ideas on how to configure web proxy with public addresses on the inside and no masquerade?????

on the nat rule just dont put anything on in-interface, that seems to work for me

db

Tried it with a dst-nat on tcp6 port 80 redirect to 3128. No in-interface set. still counts up the clients and requests. But it still does not have any "hits" or "recieved from server" or "hits sent to clients" they all stay at 0. The cache size also stays at zero. So i think it is seeing the requests to go to the web address, it it just not going and getting the page, caching it and delivering it.?????