System information

ManualsBrandsAXIOMTEK ManualsComputer AccessoriesDSA-132 Series

171

172

173

174

175

176

177

178

179

180

Manual:IP/Proxy

174

Proxy configuration example

In MikroTik RouterOS proxy configuration is performed in /ip proxy menu. See below how to enable the proxy on

port 8080 and set up 195.10.10.1 as proxy source address:

[admin@MikroTik] ip proxy> set enabled=yes port=8080 src-address=195.10.10.1

[admin@MikroTik] ip proxy> print

enabled: yes

src-address: 195.10.10.1

port: 8080

parent-proxy: 0.0.0.0:0

cache-drive: system

cache-administrator: "admin@mikrotik.com"

max-disk-cache-size: none

max-ram-cache-size: 100000KiB

cache-only-on-disk: yes

maximal-client-connections: 1000

maximal-server-connections: 1000

max-fresh-time: 3d

When setting up regular proxy service, make sure it serves only your clients and prevent unauthorised access to it by

creating firewall that allow only your clients to use proxy, otherwise it may be used as an open proxy.

Remember that regular proxy require also client’s web browser configuration.

For example:

Explorer 8.x Firefox 3.x Opera 10.x

Select Tools>Internet options.

Click the Connections tab.

Select the necessary connection and choose Settings button.

Configure proxy address and port.

Select Tools>Options.

Click the Advanced tab.

Open the Network tab.

Click the Connection/Settings

Select Manual proxy configuration'

Select Tool>Preferences.

Open the Advanced tab/Network.

Click the Proxy servers.

Enter proxy address and port.

Transparent proxy configuration example

RouterOS can also act as a Transparent Caching server, with no configuration required in the customer’s web

browser. Transparent proxy does not modify requested URL or response. RouterOS will take all HTTP requests and

redirect them to the local proxy service. This process will be entirely transparent to the user (users may not know

anything about proxy server that is located between them and original server), and the only difference to them will

be the increased browsing speed.

To enable the transparent mode, firewall rule in destination NAT has to be added, specifying which connections (to

which ports) should be transparently redirected to the proxy. Check proxy settings above and redirect us users

(192.168.1.0/24) to proxy server.

[admin@MikroTik] ip firewall nat> add chain=dstnat protocol=tcp src-address=192.168.1.0/24 \

dst-port=80 action=redirect to-ports=8080

[admin@MikroTik] ip firewall nat> print

Flags: X - disabled, I - invalid, D - dynamic