Queue with Masquerading and Internal Web-Proxy

From MikroTik Wiki
Revision as of 03:37, 25 October 2006 by Valens (talk | contribs)
Jump to: navigation, search

in progress, please visit later.

This page will tak about how to make QUEUE TREE in RouterOS that also running Web-Proxy and Masquerading. Several topic in forum say it's impossible to do.

Let's set the basic setting first. I'm using a machine with 2 network interface: 

admin@instaler] > in pr
#    NAME       TYPE    RX-RATE    TX-RATE    MTU  
0  R public     ether   0          0          1500 
1  R lan        wlan    0          0          1500

And this is the IP Address for each interface: 

[admin@instaler] > ip ad pr
Flags: X - disabled, I - invalid, D - dynamic 
#  ADDRESS           NETWORK      BROADCAST      INTERFACE
0  192.168.0.217/24  192.168.0.0  192.168.0.255  public   
1  172.21.1.1/24     172.21.1.0   172.21.1.255   lan

Don't forget to set the transparant web-proxy 

[admin@instaler] > ip web-proxy pr
                enabled: yes
            src-address: 0.0.0.0
                   port: 3128
               hostname: "proxy"
      transparent-proxy: yes
           parent-proxy: 0.0.0.0:0
    cache-administrator: "webmaster"
        max-object-size: 4096KiB
            cache-drive: system
         max-cache-size: none
     max-ram-cache-size: unlimited
                 status: running
     reserved-for-cache: 0KiB
 reserved-for-ram-cache: 154624KiB

Make 2 NAT rules, 1 for Masquerading, and the other for redirecting transparant proxy. 

[admin@instaler] ip firewall nat> pr
Flags: X - disabled, I - invalid, D - dynamic 
0   chain=srcnat out-interface=public 
    src-address=172.21.1.0/24 action=masquerade 
1   chain=dstnat in-interface=lan src-address=172.21.1.0/24 
    protocol=tcp dst-port=80 action=redirect to-ports=3128
Retrieved from "https://wiki.mikrotik.com/index.php?title=Queue_with_Masquerading_and_Internal_Web-Proxy&oldid=3639"