Mikrotik transparent proxy tidak bisa untuk https dan ftp

mikrotik

Tranparent proxy untuk http (80) berjalan sukses.

Tapi tranparent proxy untuk https (443) dan ftp (21) tidak berjalan sempurna.

Perkiraan salah ada di firewall, sudah cek sana sini tetap saja kok sepertinya benar yah semua settingnya.

Setelah sekian lama berkutat dengan daftar firewall filter dan firewall nat yang cukup panjang, akhirnya ditemukan juga penyebabnya :

[pasted from
http://wiki.mikrotik.com/wiki/How_to_make_transparent_web_proxy]

————————————————————————————-

How to make transparent web proxy From MikroTik Wiki

Jump to: navigation, search

Web proxy allows clients to make indirect network connections to other network services. A client connects to the proxy server, then requests file, or other resource available on a different server. Web proxy performs Internet object cache function by storing requested Internet objects, i.e., data available via HTTP and FTP protocols on a system positioned closer to the recipient than the site the data is originated from. Transparent proxy performs request caching invisibly to the end-user. This way the user does not notice that his connection is being processed by the proxy and therefore does not need to perform any additional configuration of the software he is using. To setup transparent proxy follow the steps listed bellow

1. Configure the router to redirect all connections coming from clients (we assume that clients are connected to routers ether1 interface) to port 80 to the web proxy listening on port 8080, by adding the following destination NAT rule:

[admin@MikroTik] >ip firewall nat add in-interface=ether1 dst-port=80 \
 \... protocol=tcp action=redirect to-ports=8080 chain=dstnat

2. Specify DNS server:

[admin@MikroTik] ip dns set primary-dns=195.2.96.2

3. Enable the proxy on port 8080:

[admin@MikroTik] ip proxy set enabled=yes port=8080

Notice that only HTTP traffic is supported in transparent mode of the web proxy. HTTPS and FTP protocols are not going to work this way.

————————————————————————————-

Pantas saja tidak bisa berjalan dengan sempurna ๐Ÿ™‚

2 Comments

2 Comments

  1. meinardi  •  Apr 23, 2009 @12:58 pm

    trus akhirnya ada solusi utk https ??? karena saya juga mengalami masalah yang sama.

  2. timotius witono  •  Apr 23, 2009 @3:32 pm

    Halo meinardi.
    Solusinya, untuk https saya nat langsung, tanpa redirect ke proxy.
    Kalau memang tetap mau menggunakan proxy mikrotik, tidak bisa transparent. Jadi harus pasang manual di browser client u/ opsi proxy.
    Jika mau transparent, bisa gunakan squid murni.

Leave a Reply

Allowed tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>