Mikrotik Configuration for Transparent web proxy

One function is to store the proxy cache. If a LAN uses a proxy to connect to the Internet, it is done by the browser when a user accesses a web server url is taking these requests in a proxy server. Whereas if the data has not been contained in the proxy server then get directly from the web proxy server. Then the request is stored in the proxy cache. Furthermore, if there are clients who make requests to the same url, it will be taken from the cache. This will make access to the Internet faster.

How to ensure that every user accessing the Internet through a web proxy that we have enabled? For this we can implement a transparent proxy. With the transparent proxy, every browser on a computer that use this gateway automatically go through a proxy.



All these features enable the web proxy in mikrotik:
[admin@ Mikrotik]> / ip proxy set enabled = yes
[admin @ Mikrotik]> / ip web-proxy set
cache-administrator = admin.fauzi @ infoasia.net
[admin @ Mikrotik]> / ip web-proxy print
enabled: yes
src-address: 0.0.0.0
port: 3128
hostname: "Mikrotik"
transparent-proxy: yes
parent-proxy: 0.0.0.0:0
cache-administrator: "admin@localhost"
max-object-size: 8192KiB
cache-drive: system
max-cache-size: unlimited
max-ram-cache-size: unlimited
status: running
reserved-for-cache: 4733952KiB
reserved-for-ram-cache: 2048KiB
Creating a rule for transparent proxy on the firewall NAT, rather there is masquerading under the rule for NAT:

[admin @ Mikrotik]> / ip firewall nat add chain = dstnat in-interface = local src-address = 192.168.0.0/24 protocol = tcp dst-port = 80 action = redirect to-ports = 3128
[admin @ Mikrotik]> / ip firewall nat print
Flags: X - disabled, I - invalid, D - dynamic
0 chain = srcnat out-interface = Public action = masquerade
1 chain = dstnat in-interface = local src-address = 192.168.0.0/24 protocol = tcp dst-port = 80 action = redirect to-ports = 3128

0 Comment:

Post a Comment