Sunday, 2 September 2012

Mikrotik Web Proxy


Howto to enable Mikrotik Web Proxy in Transparent Mode


Web proxy is a service that is placed between a client and the internet for HTTP web surfing. It can cache certain contents / http pages in its local cache. Mikrotik have basic PROXY package builtin called WEB PROXY. It is suitable for basic caching for small to mid size networks.
For advance caching capabilities, Use 3rd party external proxy server like SQUID.

MikroTik WEB.PROXY Recommendation


Always try NOT to use the same storage disk to store your your cache and your your Router OS, to ensure there is always enough space on your router OS Disk for logs, upgrade / update packages & Backups. Therefore It is highly recommended that the web-proxy cache is stored on a physically separate drive (store) other than the Router OS. Placing the cache on a separate drive ensures maximum performance and reduces problems if the disk becomes full or fails as the OS will then still be OK!
Caching Internet access will require a lot of read and writes to the disk, chose fast disk as for maximum performance / concurrent user request support.
Cache performance also largely depends on RAM size, the More RAM you have in your server, the Better performance you will get.
We will divide this article in 3 Sections.
1# Preparing Secondary Partition for Cache 
2# Configuring Web Proxy
3# Transparent Proxy
Let’s BEGIN . . .

1# Preparing Secondary Drive for CACHE

First we will Format secondary harddrive (to be used for cache ), IF YOU DON’T WANT TO USE SECONDARY HARD-DIVE, SKIP THIS STEP.
Goto SYSTEM > STORES > DISKS
Select the Secondary Hard drive and click on FORMAT DRIVE
As shown in the image below.


ow go to STORES tab (by navigating to  SYSTEM > STORES)
Select the WEB-Proxy package and click on COPY
It will ask you where to copy WEB-Proxy package, Select Secondary Drive in TO box.
As shown in the image below.




2# Configuring Web Proxy

Now We have to Enable Mikrotik Web Proxy by navigating to 
IP > WEB PROXY

As shown in the image below.

Now Click on “Enable”
in Port, Type 8080
Max Cache Size , Select Unlimited from drop down menu, OR if you have limited Disk Space, then use your desired amount.
You have to specify space in KiloBytes for example 1024 KB = 1MB , so if you want to set 5 GB Cache, then use 5242880 , I am using5 GB in this example. The cache size is really based off of how much RAM you have in the machine
As shown in the image below . . .





Click on Apply and your Mikrotik’s Web Proxy is Ready to be used, But Every client have to set proxy address pointing to Mikrotik IP to be able to use Proxy Service.

3# Transparent Proxy

If we want that every user must be automatically redirected to Proxy transparently, then we have to create additional rule to forcefully redirect users to proxy service, which is called TRANSPARENT PROXY.
.
Goto IP > FIREWALL > NAT and create new rule
In Chain , Select dsntant,
In Protocol, Select 6 (tcp)
In Dst. Port, Type 80

As shown in the image below
 . . .


.
Now goto Action Tab,
In Action, Select redirct
In To Ports, Type 8080
As shown in the image below . . .


Now your newly created rule will look like something below image.
As shown in the image below
 . . .


OR the CLI version of above rule would be something like below.


1/ip firewall nat add action=redirect chain=dstnat disabled=no dst-port=80 protocol=tcp to-ports=8080
/ip firewall nat add action=redirect chain=dstnat disabled=no dst-port=80 protocol=tcp to-ports=8080

22 comments:

  1. Free and fast anonymous web browsing with these ninja proxy. Working fine with youtube, facebook, and many others website. check this out :

    ninjaproxy
    ninjaproxy
    vtunnel
    facebook proxy

    ReplyDelete
  2. i try it bt not working with my rb 450-g.... iam using 2 wan pcc with hotspot....is that another way for hotspot.....? in nat rule /ip firewall nat add action=redirect chain=dstnat disabled=no dst-port=80 protocol=tcp to-ports=8080 no bytes upp its stays 0n 0 bytes...

    ReplyDelete
  3. This is very good to know that I can open blocked blogger and I tried this and found a way and quick way you will be shocked to see.
    Reddit UK proxy

    ReplyDelete
  4. bhai pc ma mikrotike acha chalta hai kia ya routerboard ma

    ReplyDelete
  5. Nice see more------------http://www.mikrotikroutersetup.blogspot.com

    ReplyDelete
  6. I salute to the admin of this diary. i actually like and that i can sure as shooting advocate this diary to my friends.
    Files Tube UK proxy

    ReplyDelete
  7. http://aacable.wordpress.com/2011/12/29/howto-to-enable-mikrotik-routeros-web-proxy-in-transparent-mode/

    ReplyDelete
  8. adding a source article will be more polite, thanks,
    keep helping another
    http://aacable.wordpress.com/2011/12/29/howto-to-enable-mikrotik-routeros-web-proxy-in-transparent-mode/

    ReplyDelete
  9. You can information about internet marketing that are published on reputed sites. He has a very nice understanding about Web development company delhi

    ReplyDelete
  10. I think you made awesome decision the moment when you choose this topic of the blog article here. Very useful information

    access Bomb-mp3 in UK

    ReplyDelete
  11. Your blog give many information thanks for share this informative article.
    access TorrentCrazy in UK

    ReplyDelete
  12. This article is very informative and cool. Thanks for share this beautiful article.
    access Mp3Raid in UK

    ReplyDelete
  13. Your this blog giving us information about subjected topic. Thanks for doing this
    Torrentz UK proxy

    ReplyDelete
  14. Thank you for this post. I want to share with people this site proxy browser

    ReplyDelete
  15. Your site hit the nail on the head. I discovered the best VPN for Gaming at this site http://www.anonymousvpnsoftware.com

    ReplyDelete
  16. We are the worlds leading publisher of Squid 'Native ACL' formatted blacklists, that allow for web filtering directly with Squid proxy. Of course we also offer alternative formats for the most widely used third party plugins, such as DansGuardian and Squidguard. And while our blacklists are subscription based, they are as a result of our efforts, of a much higher degree of quality than the free alternatives.

    We hope to serve you,

    --
    Signed,

    Benjamin E. Nichols
    http://www.squidblacklist.org

    ReplyDelete

  17. Gather Proxy 8.6 (Premium)

    http://shanghaiblackgoons.com/84-gather-proxy-86-premium.html

    http://lobatandawgs.com/81-gather-proxy-86-premium.html

    ReplyDelete
  18. I've been surfing online more than three hours today, yet I never found any interesting article like yours. It’s pretty worth enough for me. In my view , if all webmasters and bloggers made good content as you did, the web w ill be much more useful than ever before. financial advice

    ReplyDelete
  19. The proxy site is very important for the business people because the proxy give the protection for the website and they can protect the site from unauthorized people which they can want to access it.
    access Files tube in UK

    ReplyDelete

There was an error in this gadget