Hi guys, I'm used with using linux router before and still new with Mikrotik. Been doing some reading but I just couldn't figure out how to redirect a web into a different address.
Can anyone help me step by step how to simply redirect sample.website.com into 100.100.100.100?
I'm using Mikrotik as web-proxy. So even if I add the address to my host file in my windows client it just doesn't work. My mozilla/IE would just connect to my router and go to the original website.
With other router I just need to add the host file. But how do I do this with mikrotik?
Thanks.
well, both of sample.website.com and the address I'm trying to redirect it to are outside my private network. It's not my webserver.
I did try resolving sample.website.com and then add the DNS into dst-nat, but it ignore it for some reason....
Maybe I did it wrong?
chain=dstnat dst-address=[ResolvedDNS] protocol=tcp dst-port=80
action=dst-nat to-addresses=100.100.100.100 to-ports=80
or it just doesn't work that way?
I did try resolving sample.website.com and then add the DNS into dst-nat, but it ignore it for some reason....
Maybe I did it wrong?
chain=dstnat dst-address=[ResolvedDNS] protocol=tcp dst-port=80
action=dst-nat to-addresses=100.100.100.100 to-ports=80
or it just doesn't work that way?
The thing is... it doesnt work 
If I typed the sample.website.com on my browser it still go to the original page. Even if I typed the resolved DNS it still go the the original page.
Just for the record, I'm using Mikrotik only as a proxy....
I have two ISP and a router I already set up using gentoo linux. Right now Mikrotik serves as a proxy to connect to the new ISP I'm using(so I'm basically only using Mikrotik's Squid's features for now).
Any changes I made on the firewall setting seems to impact nothing so far.... it's as if the squid built in Mikrotik have its own rules or something... is this the case?
Is it maybe that I'm the one that use it wrong? or this is the limit of Mikrotik?
Another solution that I can think of... I just need to switch the use between the two, but it'll take a lot of work since I gotta to turn this Mikrotik to have the same ability as my other router(bandwidth quota, time synchronization, email notification, etc.)....
If I typed the sample.website.com on my browser it still go to the original page. Even if I typed the resolved DNS it still go the the original page.
Just for the record, I'm using Mikrotik only as a proxy....
I have two ISP and a router I already set up using gentoo linux. Right now Mikrotik serves as a proxy to connect to the new ISP I'm using(so I'm basically only using Mikrotik's Squid's features for now).
Any changes I made on the firewall setting seems to impact nothing so far.... it's as if the squid built in Mikrotik have its own rules or something... is this the case?
Is it maybe that I'm the one that use it wrong? or this is the limit of Mikrotik?
Another solution that I can think of... I just need to switch the use between the two, but it'll take a lot of work since I gotta to turn this Mikrotik to have the same ability as my other router(bandwidth quota, time synchronization, email notification, etc.)....
Unfortunately DST-NAT does not work in this particular case, the particular DST-NAT rule will redirect, when IP addres is used by user in browser.
Other methods could be used to achieve the thing you are asking for. So, if you wish to redirect user to http://www.1.com, when he/she types to browser http://www.2.com
- first method is proxy access-list. 'web-proxy' test package 'ip proxy access' contains option 'redirect-to', where you have to specify destination page (http://www.2.com in our case). 'dst-host' should be the page user typed in browser (http://www.1.com).
- second method is by using static DNS cache, you have to enable static DNS cached and redirect all clients DNS requests to static DNS cache and add static dns entries to 'ip dns static'.
Other methods could be used to achieve the thing you are asking for. So, if you wish to redirect user to http://www.1.com, when he/she types to browser http://www.2.com
- first method is proxy access-list. 'web-proxy' test package 'ip proxy access' contains option 'redirect-to', where you have to specify destination page (http://www.2.com in our case). 'dst-host' should be the page user typed in browser (http://www.1.com).
- second method is by using static DNS cache, you have to enable static DNS cached and redirect all clients DNS requests to static DNS cache and add static dns entries to 'ip dns static'.
I tried the second method....Unfortunately DST-NAT does not work in this particular case, the particular DST-NAT rule will redirect, when IP addres is used by user in browser.
Other methods could be used to achieve the thing you are asking for. So, if you wish to redirect user to http://www.1.com, when he/she types to browser http://www.2.com
- first method is proxy access-list. 'web-proxy' test package 'ip proxy access' contains option 'redirect-to', where you have to specify destination page (http://www.2.com in our case). 'dst-host' should be the page user typed in browser (http://www.1.com).
- second method is by using static DNS cache, you have to enable static DNS cached and redirect all clients DNS requests to static DNS cache and add static dns entries to 'ip dns static'.
if I try to ping sample.website.com from Mikrotik, it does ping the new DNS I specified there. but when I typed in sample.website.com in my client it still went to the original one
I guess only the first method would work since it comes directly from web proxy rules/option.
The main Question is, how do I get that test package option?
EDITED:
I've browsed the net and it seems that I'm not the only one having this problem. Apparently Squid(in Mikrotik) doesn't know how to query a hosts-file... it's weird considering that my squid in my gentoo box know how to.... I tested it once more to make sure and it DID work. Maybe what I really need is that test package option/an update for Mikrotik's squid. Would anyone kindly tell me how to get that package?
RouterOS does not use Squid anymore. Did you follow Sergejs suggestion and use the latest version with webproxy-test package?I tried the second method....Unfortunately DST-NAT does not work in this particular case, the particular DST-NAT rule will redirect, when IP addres is used by user in browser.
Other methods could be used to achieve the thing you are asking for. So, if you wish to redirect user to http://www.1.com, when he/she types to browser http://www.2.com
- first method is proxy access-list. 'web-proxy' test package 'ip proxy access' contains option 'redirect-to', where you have to specify destination page (http://www.2.com in our case). 'dst-host' should be the page user typed in browser (http://www.1.com).
- second method is by using static DNS cache, you have to enable static DNS cached and redirect all clients DNS requests to static DNS cache and add static dns entries to 'ip dns static'.
if I try to ping sample.website.com from Mikrotik, it does ping the new DNS I specified there. but when I typed in sample.website.com in my client it still went to the original one
I guess only the first method would work since it comes directly from web proxy rules/option.
The main Question is, how do I get that test package option?
EDITED:
I've browsed the net and it seems that I'm not the only one having this problem. Apparently Squid(in Mikrotik) doesn't know how to query a hosts-file... it's weird considering that my squid in my gentoo box know how to.... I tested it once more to make sure and it DID work. Maybe what I really need is that test package option/an update for Mikrotik's squid. Would anyone kindly tell me how to get that package?
Hello All,
I tried this configuration before and it was great for mine ..
I can add any domain or sub domain to my custom IP address to DNS .
but my first day , it was bad for me to configure it because MT Router is getting all reversed dns from our ISP , another thing I added or I changed the reserved domain to another ip but finally it was great for us . there is no need to redirect a web-page ..
Try to configure your dns to work correctly at your customers so you can reverse your customized domains .
Regards,
Ghassan
I tried this configuration before and it was great for mine ..
I can add any domain or sub domain to my custom IP address to DNS .
but my first day , it was bad for me to configure it because MT Router is getting all reversed dns from our ISP , another thing I added or I changed the reserved domain to another ip but finally it was great for us . there is no need to redirect a web-page ..
Try to configure your dns to work correctly at your customers so you can reverse your customized domains .
Regards,
Ghassan
I'm pretty sure the DNS-static method would work if I use it as whole.... because I'm sure the web proxy built in Mikrotik would look at the DNS list on Mikrotik itself.Hello All,
I tried this configuration before and it was great for mine ..
I can add any domain or sub domain to my custom IP address to DNS .
but my first day , it was bad for me to configure it because MT Router is getting all reversed dns from our ISP , another thing I added or I changed the reserved domain to another ip but finally it was great for us . there is no need to redirect a web-page ..
Try to configure your dns to work correctly at your customers so you can reverse your customized domains .
Regards,
Ghassan
Unfortuntely I only use it as a proxy, not as routerOS(it's not the one giving IPs to my clients). Seems like it doesn't know where to look up DNS addresses other than the one from my ISP's router. *oh, if it can somehow read the host file from my other router on the same network it'll be great too! I really don't now how capable this Mikrotik is *sigh*
Anyhow, if I somehow manage to install this new web-proxy-test-package I'm pretty sure everything would work just fine(judging from how Mikrotik work so far). The box itself doesn't have a monitor + keyboard right now and if possible I don't want to use netinstall and hook everything up, change the bios setting temporarily, install it, change everything back again if I can have a better option.
But of course, if I can't have the answer by tomorrow I'd have no other choices, do I?
so please, any input on an easier way to install this test-package will be much2 appreciated.
forward all your dns traffic to your MT DNS ,
if someone put any dns , it will not see your dns ...
i am sure you can use it .. forward all 53 ports TCP and UDP to your dns 53 .
and make sure you are allowing remote requests .
if someone put any dns , it will not see your dns ...
i am sure you can use it .. forward all 53 ports TCP and UDP to your dns 53 .
Code: Select all
/ip firewall nat
add chain=dst-nat protocol=tcp dst-port=53 action=dst-nat to-addresses=(your Mikrotik IP) to-ports=53
add chain=dst-nat protocol=udp dst-port=53 action=dst-nat to-addresses=(your Mikrotik IP) to-ports=53
Last edited by Ghassan on Thu May 17, 2007 10:53 am, edited 1 time in total.
and for the host files , lol there is no need for host files if you did like mine .
then make sure to flush your Mikrotik DNS Cache also for your Computer .. just clear dns cache at your computer side .
ping example.com to see if you got 192.168.0.1
Code: Select all
/ip dns static
add name=example.com address=192.168.0.1then make sure to flush your Mikrotik DNS Cache also for your Computer .. just clear dns cache at your computer side .
ping example.com to see if you got 192.168.0.1