How to make transparent web proxy

From MikroTik Wiki
Revision as of 12:20, 6 January 2006 by Dzintars (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Web proxy allows clients to make indirect network connections to other network services. A client connects to the proxy server, then requests file, or other resource available on a different server. Web proxy performs Internet object cache function by storing requested Internet objects, i.e., data available via HTTP and FTP protocols on a system positioned closer to the recipient than the site the data is originated from. Transparent proxy performs request caching invisibly to the end-user. This way the user does not notice that his connection is being processed by the proxy and therefore does not need to perform any additional configuration of the software he is using. To setup transparent proxy follow the steps listed bellow

1. Configure the router to redirect all connections coming from clients (we assume that clients are connected to routers ether1 interface) to port 80 to the web proxy listening on port 8080, by adding the following destination NAT rule:

[admin@MikroTik] >ip firewall nat add in-interface=ether1 dst-port=80 \
\... protocol=tcp action=redirect to-ports=8080 chain=dstnat 

2. Specify DNS server:

[admin@MikroTik] ip dns set primary-dns=

3. Enable the proxy on port 8080:

[admin@MikroTik] ip web-proxy set enabled=yes port=8080 transparent-proxy=yes

Notice that only HTTP traffic is supported in transparent mode of the web proxy. HTTPS and FTP protocols are not going to work this way.