Example 1
Configuration:
In Example one, we don't need to do any changing in Mikrotik settings, just configure your Proxy-Server complete and give proper internet to Mikrotik, no need to turn-on Mikrotik Web-Proxy in Example 1, If you want to Turn-On Mikrotik Web-Proxy, You can but no need
If you want turn on web-proxy you can, and allso you need to use proxy port example(3128) or need to redirect proxy-port in firewall fo tranceparent-proxy
Justt add in /ip firewall nat add chain=dstnat action=redirect to-ports=3128 protocol=tcp dst-port=80
Example 2
Just http (port 80) traffic through to Proxy-Server, Other All traffic go Direct to Modem not through Proxy-Server
Configuration:
1st) Network IP Address Details
Client's Network (IP Range 192.168.0.0/24 Gateway-IP 192.168.0.1)
Mikrotik Network 3 Interface (eth1 for clients = 192.168.0.1) (eth2 for Modem = 192.168.10.2) (eth3 for Proxy-Server = 192.168.5.2)
Modem Network, IP-Address 192.168.10.1
Proxy-Server Network 2 Interface (eth1 for Mikrotik = 192.168.5.1) (eth2 for Modem (for direct internet) = 192.168.10.3)
2nd) Mikrotik Configuration
1)Firewall, /ip firewall nat add chain=dstnat dst-address=192.168.0.1 protocol=tcp dst-port=80 action=dst-nat to-addresses=192.168.5.1 to-ports=80
2)Web-Proxy, you can turn on Web-Proxy, and use Web-Proxy/Setings/Parant-Proxy(192.168.5.1 port-80)
but you need to use just one rool (Firewall Web-Proxy) do not use both of it
Example 3
Just http (port 80) traffic through to Proxy-Server, Other All traffic go Direct to Modem not through Proxy-Server, but Linux also client of Mikrotik, not connected directly to modem or not any direct internet source
Configuration:
1st) Network IP Address Details
Client's Network (IP Range 192.168.0.0/24 Gateway-IP 192.168.0.1)
Mikrotik, 4 Interface, Interface IP-Address (eth1 for clients = 192.168.0.1) (eth2 for Modem = 192.168.10.2) (eth3 for http traffic to Proxy-Server = 192.168.5.2) (eth4 for give internet to Proxy-Server = 192.168.6.1)
Modem Network, IP-Address 192.168.10.1
Proxy-Server Network, 2 Interface, Interface IP-Address (eth1 for Mikrotik = 192.168.5.1) (eth2 for Internet Bring IN = 192.168.6.2)
2nd) Mikrotik Configuration
1)Firewall, /ip firewall nat add chain=dstnat dst-address=192.168.0.1 protocol=tcp dst-port=80 action=dst-nat to-addresses=192.168.5.1 to-ports=80
2)Web-Proxy, you can turn on Web-Proxy, and use Web-Proxy/Setings/Parant-Proxy(192.168.5.1 port-80)
but you need to use just one rool (Firewall Web-Proxy) do not use both of it
Example 4
This Example same like Example-2, Just Added one Core-Router With Load-Balancer, Client-Gateway Router sent http (port 80) traffic through Proxy-Server, Other All traffic go Direct to Core-Router not through Proxy-Server
Configuration:
1st) Network IP Address Details
Client's Network (IP Range 192.168.0.0/24 Gateway-IP 192.168.0.1)
Mikrotik Network 3 Interface (eth1 for clients = 192.168.0.1) (eth2 for Core-Router = 192.168.10.2) (eth3 for http traffic to Proxy-Server = 192.168.5.2)
Core-Router, IP-Address (eth4 for Proxy-Server = 192.168.9.1) (eth5 for Mikrotik = 192.168.10.1) (eth1, eth2, eth3, for Modem's)
Proxy-Server Network 2 Interface (eth1 for Mikrotik = 192.168.5.1) (eth2 for Core-Router (for direct internet) = 192.168.9.2)
2nd) Mikrotik Configuration
Example 5
One Core-Router with Load-Balancer and one Client-Gateway-Router with Web-Proxy Server, All traffic go Direct to Core-Router through Mikrotik-Gateway-Router (Not any External Proxy Server, Just Mikrotik Web-Proxy)
0 komentar: