Logging, Web, NAT
Posted: Thu Mar 11, 2010 9:48 am
Hello to all!
I have my routeros 4.5 on PC. I create a masquerading rule in NAT tab in IP->Firewall. Client workstation works well. Then I enabled Web Proxy to introduce rules for web access. When I made browser on client go through proxy then web rules works, if I uncheck proxy in browser - client get full access to the web pages. In that case I disabled masquerading rule and client only can go to the web via proxy. It seems ok, but Windows Update can't work and other things as well. Therefore, questions
1. How to watch src. IP, port, dst. IP, port, and actions (allow/deny)? (I have MS ISA server with such easy to use logging). I want to know IP and port Windows Update service use.....
2. Furthermore, I tried another way: masquerade rule made enable and created NAT rule where all internal traffic on 80 port redirect to the routeros Web Proxy. Now I have not problems with Windows Update and Web rules work properly. What way is the right one?
Thanks in advance,
Konstantin.
I have my routeros 4.5 on PC. I create a masquerading rule in NAT tab in IP->Firewall. Client workstation works well. Then I enabled Web Proxy to introduce rules for web access. When I made browser on client go through proxy then web rules works, if I uncheck proxy in browser - client get full access to the web pages. In that case I disabled masquerading rule and client only can go to the web via proxy. It seems ok, but Windows Update can't work and other things as well. Therefore, questions
1. How to watch src. IP, port, dst. IP, port, and actions (allow/deny)? (I have MS ISA server with such easy to use logging). I want to know IP and port Windows Update service use.....
2. Furthermore, I tried another way: masquerade rule made enable and created NAT rule where all internal traffic on 80 port redirect to the routeros Web Proxy. Now I have not problems with Windows Update and Web rules work properly. What way is the right one?
Thanks in advance,
Konstantin.