Follow us on...
Follow us on G+ Follow us on Twitter Follow us on Facebook Watch us on YouTube
Register
Results 1 to 11 of 11

Thread: [ask] web-proxy

  1. #1
    Status
    Offline
    sempy26's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0

    [ask] web-proxy

    bro mohon bantuan...

    sebenarnya ini masalah klasik..dulu pernah gini juga, trs utak atik n berhasil, kemarin install mikrotik dengan mesin yg beda, mau seting web-proxy nya ternyata balik lagi ke masalah ini, n udah di utak atik tetep aja gak bisa....

    ini print nya...
    /ip firewall nat pr
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; lan ==> inet
    chain=srcnat out-interface=ether2 action=masquerade
    1 ;;; proxy
    chain=dstnat in-interface=ether1 protocol=tcp dst-port=80
    action=redirect to-ports=3128
    2 chain=dstnat in-interface=ether1 protocol=tcp dst-port=8080
    action=redirect to-ports=3128
    3 chain=dstnat in-interface=ether1 protocol=tcp dst-port=8000
    action=redirect to-ports=3128

    /ip web-proxy pr
    enabled: yes
    src-address: 0.0.0.0
    port: 3128
    hostname: "proxy"
    transparent-proxy: yes
    parent-proxy: 0.0.0.0:0
    cache-administrator: "webmaster"
    max-object-size: 4096KiB
    cache-drive: system
    max-cache-size: 10485760KiB
    max-ram-cache-size: 262144KiB
    status: running
    reserved-for-cache: 10485760KiB
    reserved-for-ram-cache: 151552KiB

    /ip web-proxy mon
    status: running
    uptime: 42m47s
    clients: 0
    requests: 0
    hits: 0
    cache-size: 7644KiB
    ram-storage-size: 100KiB
    received-from-servers: 0KiB
    sent-to-clients: 0KiB
    hits-sent-to-clients: 0KiB

    dari monitor status nya keliatan kan bro....yap web-proxy nya gak jalan
    mohon bantuannya...kira2 saya kurang setingan apa ya? seingat saya mesin mikrotik yang dulu pake setingan ini juga, thanks..

  2. #2
    Status
    Offline
    okto_2005's Avatar
    Member Super Senior
    Join Date
    Jul 2007
    Posts
    655
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    tanya dulu nih bro

    ether2 sama ether1 yg public yg mana?
    nat rule 2 sama 3 g perlu. soalnya port 8080 sama 8000 itu biaasnya juga port proxy jd g perlu dibelokin.

  3. #3
    Status
    Offline
    sempy26's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    oia maaf keterangan nya gak lengkap, ini dia:
    ether2=public
    ether1=local

    setting pertama kali emang cuma port 80 aja bro...ttp aja juga gak bisa, rule 2 dan 3 itu cuma coba2 aja...di nat nya juga gak ada traffic dari port itu...tp utk baiknya udah aku disabled bro...tp masalah ttp sama, proxy gak jalan...selain masalah proxy ini, overall feature mikrotik jalan semua lancar jaya..

    bagaimana dengan settingan /ip proxy..apa harus enabled juga? thanks buat reply nya bro okto
    Last edited by sempy26; 15-11-2007 at 16:56.

  4. #4
    Status
    Offline
    dot
    dot's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    48
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    coba tambahin ini, mudah2 bener Click here to enlarge

    /ip firewall mangle
    chain=prerouting in-interface=ether1 src-address=ip address lokal
    action=mark-connection new-connection-mark=Mark_Conn
    passthrough=yes comment="mark koneksi"

    chain=forward in-interface=ether2 connection-mark=Mark_Conn
    action=mark-packet new-packet-mark=mark_down
    passthrough=no comment="Direct Down"

    chain=output out-interface=ether1 dst-address=ip address lokal
    action=mark-packet new-packet-mark=mark_down
    passthrough=no comment="Download via proxy"

    chain=prerouting in-interface=ether1 src-address=ip address lokal
    action=mark-packet new-packet-mark=up_conn passthrough=no
    comment="UP connection"

  5. #5
    Status
    Offline
    dot
    dot's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    48
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    0 ;;; lan ==> inet
    chain=srcnat out-interface=ether2 action=masquerade
    satu lagi bro

    coba diganti

    /ip firewall nat
    chain=srcnat src-address=ip address lokal action=masquerade

  6. #6
    Status
    Offline
    sempy26's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    @dot:

    kalo di rule redirect nya gak masalah bro..kayaknya di web-proxy nya...status monitor nya gak ada yg nyangkut sama sekali...biasanya begitu enabled kan langsung keliatan klien nya berapa....makanya binun juga neh...

  7. #7
    Status
    Offline
    dot
    dot's Avatar
    Newbie
    Join Date
    Oct 2007
    Posts
    48
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    @up

    diliat dari ip web-proxy nya keliatannya udh bener2 aja tuh
    coba aja di cek di internet bro, apa proxynya kedetek disana apa enggak, klo gk kedetek ya berarti ada yang salah dengan rule yang laen Click here to enlarge

  8. #8
    Status
    Offline
    kucingGarong's Avatar
    Member
    Join Date
    Jul 2007
    Posts
    235
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    Click here to enlarge Originally Posted by sempy26 Click here to enlarge
    bro mohon bantuan...

    sebenarnya ini masalah klasik..dulu pernah gini juga, trs utak atik n berhasil, kemarin install mikrotik dengan mesin yg beda, mau seting web-proxy nya ternyata balik lagi ke masalah ini, n udah di utak atik tetep aja gak bisa....

    ini print nya...
    /ip firewall nat pr
    Flags: X - disabled, I - invalid, D - dynamic
    0 ;;; lan ==> inet
    chain=srcnat out-interface=ether2 action=masquerade
    1 ;;; proxy
    chain=dstnat in-interface=ether1 protocol=tcp dst-port=80
    action=redirect to-ports=3128
    2 chain=dstnat in-interface=ether1 protocol=tcp dst-port=8080
    action=redirect to-ports=3128
    3 chain=dstnat in-interface=ether1 protocol=tcp dst-port=8000
    action=redirect to-ports=3128
    saya coba jawab:
    1. ether2 berarti itu interface ke internet/publik kan..?
    2. rule 1,2,3 di delete ganti dengan seperti ini :
    chain=dstnat protocol=tcp dst-port=80 action=redirect to-ports=3128 ---> 3128 port default web-proxy
    3. coba ganti cache-administrator dengan contohkan TEST, tujuannya untuk mengetahui apakah si client yg menggunakan port 80 sudah di arahkan dengan bener ke port 3128. dengan cara men-deny 1 client, trus si clientnya browsing trus liat cahce-administratornya apakah TEST

    semoga membantu Click here to enlarge

  9. #9
    Status
    Offline
    sum14rdi's Avatar
    VIP Member
    Join Date
    Sep 2007
    Location
    Tambun-Bekasi
    Posts
    860
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    tambahin ini dan taruh dipaling atas firewall filter anda...
    / ip firewall filter add chain=input src-address="your LAN Ip range" action=accept disable=no
    ganti your lan ip range dengan ip lan ditempat anda

    ada kemungkinan client anda tidak mendapat akses baca/tulis ke mikrotik, klo lewat doang bisa.

  10. #10
    Status
    Offline
    sempy26's Avatar
    Newbie
    Join Date
    Sep 2007
    Posts
    35
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    0
    kayaknya masalah nya ada di web-proxy nya bro

    udah jalanin semua rule2 diatas...ttp gak bisa
    biasanya begitu kita running proxy, di status nya bakalan keliatan kan informasi kayak klien ato hit nya...ini gak keliatan bro..alias 0 utk semua parameter nya kecuali bagian cache nya......huh bingung pol..

  11. #11
    Status
    Offline
    sum14rdi's Avatar
    VIP Member
    Join Date
    Sep 2007
    Location
    Tambun-Bekasi
    Posts
    860
    Reviews
    Read 0 Reviews
    Downloads
    0
    Uploads
    0
    Feedback Score
    1 (100%)
    udah dimasukin IP lan anda di
    / ip web-proxy access
    add src-address=192.168.0.0/24 action=allow comment="" disabled=no

    / ip web-proxy cache
    add src-address=192.168.0.0/24 action=allow comment="" disabled=no

    menurut saya, tetap karena client tidak dapat menggunakan/mengakses web-proxy anda (pernah dicoba satu pc aja, settingan web browsernya diisi manual ip proxynya ? muncul gak di statistik web proxy? )

    klo di squid under real linux bisa dilihat file log-nya, tapi klo dimikrotik gak tau dimana file lognya....

 

 

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •