MikroTik

hi.
I have mk v3.6 in x86 and I enable web proxy with cache drive system and it doesnt work in transparent mode
and when I set the proxy manually in my web browser some pages dont show. Can you please tell me what`s wrong????

Did you set ´redirect´´ rule in firewall/nat to the port of the proxy?
You have to route port 80 traffic to the port of your proxy or all traffic just passes the proxy.


Rudy

hi jamchan_hn

The proxy works very well in 3.6 OS, controls the configuration nat / firewall and not using this routing for the port 80.

JL

Hello all,
please i need some help on how can configure my hotspot to use proxy on my MOT box they are both on the same box i have try setting firewall nat dst-nat and redirect to to th proxy port
and from the hotspot user profile set to transparent proxy and on server profile i put in the HTTP proxy to the the address of the MOT box and ttork stop working.
please i need some hlep on how i could go about this.
Thanks.

Hello!!
It's true that web-proxy doesn't work. Recently I upgrade to routeros 3.6 from3.14 RC. an doesn't workssss!!!
If I downgrade its start work, and with the new version not!!!
someone know what happend!!
Thanks
Rafael Lore

Well, my proxyserver (with cache enabled) works, but instead of making browsing faster it actually delays initial page downloads a lot, up to 30secs...
Once a page is in the cache it comes fast, but roughly at the same time as proxycache disabled.

So I switched it off again to see my normal speedy browsing is back.....

I think I need to build myself a linus proxyserver. Hope that will improve things....

rudy

hi Rudy
And how do you it works? do you have this roule in Ip firewall nat: Thanks
Rafael Lore

hello
thanks for the replys, i made this rules redirect port 80 to 8080 and doesnt work and other rule with dst-nat chain to
the ip of my proxy on port 8080 and it doesnt work i change to port 3128 and it doesnt work the rules its fine but dont works.

regards.

This is my redirect in firewall/nat:

;;; Redirect port 80 traffic (tcp) to webproxy
chain=dstnat action=redirect to-ports=8080 dst-address=!10.xx.xx.xx
in-interface=ether3 (MaruCom Network) dst-port=80 protocol=tcp

So, all my traffic from the ehter3 interface (which is my client network) that has port 80 protocol ´tcp´ as its destination is redirected to port 8080 which is the port of my proxy.
(You will notice I excluded dst-address 10.xx.xx.xx from this rule. This is my main router and I want to be able to reach that router from remote by http to see the grahps.)

This is my proxy setup:
/ip proxy> print
enabled: no
src-address: 0.0.0.0
port: 8080
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-drive: system
cache-administrator: "webmaster"
max-cache-size: unlimited
cache-on-disk: yes
max-client-connections: 600
max-server-connections: 600
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4

If you disable the proxy, you also have to disable the redirect to allow browsing the old fashioned way.
If I enable proxy and the nat rule the counters all run up, also the hits etc but my browsing for first time pages is sooooo verrrrry slooooooow!

So everything is disabled untill I have a workaround for this...

(Mind you, my WAN is fed wit 2x 7,5Mb lines, so not so slow to start with.)

Rudy

thanks rudy
i understand that and my configuration its like yours i enable the proxy with nat rule for transparent mode and without the nat also and i set manually the proxy on my web browser and also to it doesnt work i downgrade to v3.2 and it just the same thing doesnt work this is my configuration:

web-Proxy;;;;;

enabled: yes
src-address: 0.0.0.0
port: 8080
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-drive: system
cache-administrator: "webmaster"
max-cache-size: 67220000KiB
cache-on-disk: yes
max-client-connections: 2000
max-server-connections: 2000
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4

the nat rule.......

chain=dstnat action=redirect to-ports=8080 src-address=0.0.0.0/0
dst-port=80 protocol=tcp

also i made using in-interface=my Lan

whats wrong....

regards.

Dudes,

I don't know why your MT web proxy are not working with ver 3.6, but it's working just fine with my MT ver 3.6. ok let me tell you my web proxy configuration.

1st enable your web proxy as like this:

enabled: yes
src-address: 0.0.0.0
port: 3128
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-drive: system
cache-administrator: "admin@your-isp.com"
max-cache-size: unlimited
cache-on-disk: yes
max-client-connections: 1000
max-server-connections: 1000
max-fresh-time: 3d
serialize-connections: yes
always-from-cache: yes
cache-hit-dscp: 4

you can change the port to 8080 too and cache-administrator:"write as you want"


1st masquerade your client ip range

/ip firewall nat add chain=srcnat action=masquerade src-address=222.2.2.0/24 out-interface=public

2nd for transparent proxy

/ip firewall nat add chain=dstnat action=dst-nat to-addresses=222.2.2.1 to-ports=3128 src-addr
ess=222.2.2.0/24 protocol=tcp port=80

and BTW put the masquerade rule 1st then put the transparent rule 2nd.

Thanks hope it'll work for you guys.

Peace

Well,

Lets hope somebody of MT reads this. Or send them a support mail.
I don´t know what is wrong but something is, that is clear.

Anybody else on this forum?

p.s
I notice you have a max cache size limit set. The manual says that should be calculated automatically by the ros if you set the limit on ¨unlimited¨ but in my case that doesn't work. It did in yours? Or did you set is manually?


rgds

Rudy

hulk-pd:

I don´t see the reason why I should masquerade my client network?
It´s not possible anyway in my case since traffic is already src-natted in different ways due my load balancing and fail over system build in. (With mangle and then src-nat depending on the marker.)

It´s also not needed for the proxy to work, mine does work. It is only very slow on the first initial page look-up. When a page is already in the cache, the requesting machine gets it very fast. Special if there are no changes to the website. But the more changes (frames that need updated) the slower the website builds when the proxy is enabled.
So only very static websites see speed improvement by using my webproxy with cache, but every dynamic part that needs updated form the web first comes in very slow. Much slower then when that info was requested direct (without the webproxy enabled.)

It looks like the ´page´ request handling of the proxy has problems in getting, or forwarding the new data?

Rudy

Rudy

WirelessRudy

you don't need to masquerade your client ip range I have written it for masqueraded clients, you can only put the dst-nat rule for your transparent proxy. and about max-cache-size if I put unlimited in the web proxy then web proxy calculate itself with your RAM and HDD size. at fast I have put manually for max-cache-size then after few days I put unlimited there.


Thanks

Well lets see,
My configuration is different, first of all I redirect the traffic to my proxy with and then I masquarade: And what is strange, si that in version 3.14RC work, with the new one NOT!!!
The other thing that is tooooo slow, is true. when you want to see the first page go and have a cup of tea, and the the page will be fully, and don´t talk if is one dynamic!!
To resolve my problem I come back to 3.14RC
Rafael Lore

hulk
i`ll ready made it the configuration that you say and i still with the problem using using the proxy manually in my web browser
and i try with other x86 v3.2 and doesnt work, but if i set this configuration:

set enable proxy=yes
ip/proxy/access

8 *mayanet.hn* allow 587
9 *google.com* allow 319
10 deny 13477 redirect to :www.google.com

if you see i have hits in google but it doesn show the page but, mayanet.hn its show very well , is the page that i have in my web server in my lan in the end it doesnt work in transparent mode o set manually the proxy in the web browser

regards