Community discussions

MikroTik App
 
xezen
Long time Member
Long time Member
Topic Author
Posts: 628
Joined: Fri May 30, 2008 10:23 am
Location: South Africa

network-------proxybridge-------modem

Mon May 10, 2010 4:38 pm

i have network proxy in bridge---------adsl modem


where am i going wrong please help

/interface bridge
add admin-mac=00:00:00:00:00:00 ageing-time=5m arp=enabled auto-mac=yes \
comment="" disabled=no forward-delay=15s l2mtu=1600 max-message-age=20s \
mtu=1500 name=bridge1 priority=0x8000 protocol-mode=none \
transmit-hold-count=6
/interface ethernet
set 0 arp=enabled auto-negotiation=yes cable-settings=default comment=\
"And Route To Voip" disable-running-check=yes disabled=no full-duplex=yes \
mac-address=00:1D:7D:99:DA:8E mtu=1500 name=internet-1 speed=100Mbps
set 1 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:33:F8 mtu=1500 name=PPPOE-Register speed=100Mbps
set 2 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:33:F9 mtu=1500 name=Internet-in-1 speed=100Mbps
set 3 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=yes full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:33:FA mtu=1500 name=internet-2 speed=100Mbps
set 4 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=no full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:33:FB mtu=1500 name=Local-In speed=100Mbps
set 5 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=yes full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:34:44 mtu=1500 name=inet2 speed=100Mbps
set 6 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=yes full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:34:45 mtu=1500 name=ether2 speed=100Mbps
set 7 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=yes full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:34:46 mtu=1500 name="Voip Network" speed=100Mbps
set 8 arp=enabled auto-negotiation=yes cable-settings=default comment="" \
disable-running-check=yes disabled=yes full-duplex=yes l2mtu=1600 \
mac-address=00:0C:42:1A:34:47 mtu=1500 name=network speed=100Mbps
/ip ipsec proposal
set default auth-algorithms=sha1 comment="" disabled=no enc-algorithms=3des \
lifetime=30m name=default pfs-group=modp1024
/ip pool
add name=ClientsPPTP ranges=192.168.77.1-192.168.77.254
/port
set 0 baud-rate=9600 data-bits=8 flow-control=hardware name=serial0 parity=\
none stop-bits=1
/ppp profile
set default change-tcp-mss=yes comment="" local-address=ClientsPPTP name=\
default only-one=default remote-address=ClientsPPTP use-compression=\
default use-encryption=yes use-vj-compression=default
set default-encryption change-tcp-mss=yes comment="" name=default-encryption \
only-one=default use-compression=default use-encryption=yes \
use-vj-compression=default
/queue type
set default kind=pfifo name=default pfifo-limit=50
set ethernet-default kind=pfifo name=ethernet-default pfifo-limit=50
set wireless-default kind=sfq name=wireless-default sfq-allot=1514 \
sfq-perturb=5
set synchronous-default kind=red name=synchronous-default red-avg-packet=1000 \
red-burst=20 red-limit=60 red-max-threshold=50 red-min-threshold=10
set hotspot-default kind=sfq name=hotspot-default sfq-allot=1514 sfq-perturb=\
5
add kind=pcq name="All Que" pcq-classifier=\
src-address,dst-address,src-port,dst-port pcq-limit=50 pcq-rate=0 \
pcq-total-limit=2000
set default-small kind=pfifo name=default-small pfifo-limit=10
/routing bgp instance
set default as=65530 client-to-client-reflection=yes comment="" disabled=no \
ignore-as-path-len=no name=default out-filter="" redistribute-connected=\
no redistribute-ospf=no redistribute-other-bgp=no redistribute-rip=no \
redistribute-static=no router-id=0.0.0.0 routing-table=""
/routing ospf instance
set default comment="" disabled=no distribute-default=never in-filter=ospf-in \
metric-bgp=20 metric-connected=20 metric-default=1 metric-other-ospf=auto \
metric-rip=20 metric-static=20 name=default out-filter=ospf-out \
redistribute-bgp=no redistribute-connected=as-type-2 \
redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=172.18.100.241
/routing ospf area
set Backbone area-id=0.0.0.0 comment="" disabled=no instance=default name=\
Backbone type=default
/routing ospf-v3 instance
set default comment="" disabled=no distribute-default=never metric-bgp=auto \
metric-connected=20 metric-default=1 metric-other-ospf=auto metric-rip=20 \
metric-static=20 name=default redistribute-bgp=no redistribute-connected=\
no redistribute-other-ospf=no redistribute-rip=no redistribute-static=no \
router-id=0.0.0.0
/routing ospf-v3 area
set backbone area-id=0.0.0.0 comment="" disabled=no instance=default name=\
backbone type=default
/snmp
set contact="" enabled=no engine-boots=115 engine-id="" location="" \
time-window=15 trap-sink=0.0.0.0 trap-version=1
/snmp community
set public address=0.0.0.0/0 authentication-password="" \
authentication-protocol=MD5 encryption-password="" encryption-protocol=\
DES name=public read-access=yes security=none write-access=no
/system logging action
set memory memory-lines=100 memory-stop-on-full=no name=memory target=memory
set disk memory-lines=100 memory-stop-on-full=no name=disk target=memory
set echo name=echo remember=yes target=echo
set remote bsd-syslog=no name=remote remote=0.0.0.0:514 src-address=0.0.0.0 \
syslog-facility=daemon syslog-severity=auto target=remote
/user group
add comment="" name=read policy="local,telnet,ssh,reboot,read,test,winbox,pass\
word,web,sniff,sensitive,!ftp,!write,!policy"
add comment="" name=write policy="local,telnet,ssh,reboot,read,write,test,winb\
ox,password,web,sniff,sensitive,!ftp,!policy"
add comment="" name=full policy="local,telnet,ssh,ftp,reboot,read,write,policy\
,test,winbox,password,web,sniff,sensitive"
add comment="" name=x policy="ftp,!local,!telnet,!ssh,!reboot,!read,!write,!po\
licy,!test,!winbox,!password,!web,!sniff,!sensitive"
/interface bridge port
add bridge=bridge1 comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=Local-In path-cost=10 point-to-point=auto \
priority=0x80
add bridge=bridge1 comment="" disabled=no edge=auto external-fdb=auto \
horizon=none interface=Internet-in-1 path-cost=10 point-to-point=auto \
priority=0x80
/interface bridge settings
set use-ip-firewall=yes use-ip-firewall-for-pppoe=yes \
use-ip-firewall-for-vlan=yes
/interface l2tp-server server
set authentication=pap,chap default-profile=default-encryption enabled=no \
max-mru=1460 max-mtu=1460 mrru=disabled
/interface ovpn-server server
set auth="" certificate=none cipher=blowfish128,aes128,aes192,aes256 \
default-profile=default enabled=no keepalive-timeout=60 mac-address=\
FE:C1:3E:BD:85:B4 max-mtu=1500 mode=ip netmask=24 port=1194 \
require-client-certificate=yes
/interface pppoe-server server
add authentication=pap,chap,mschap1,mschap2 default-profile=default disabled=\
no interface=Local-In keepalive-timeout=10 max-mru=1480 max-mtu=1480 \
max-sessions=0 mrru=disabled one-session-per-host=yes service-name=""
/interface pptp-server server
set authentication=pap,chap default-profile=default enabled=no \
keepalive-timeout=30 max-mru=1460 max-mtu=1460 mrru=disabled
/ip accounting
set account-local-traffic=no enabled=no threshold=256
/ip accounting web-access
set accessible-via-web=no address=0.0.0.0/0
/ip address
add address=196.213.192.66/29 broadcast=196.213.192.71 comment="" disabled=no \
interface=internet-1 network=196.213.192.64
add address=23.0.0.1/30 broadcast=23.0.0.3 comment="" disabled=no interface=\
PPPOE-Register network=23.0.0.0
add address=196.213.192.70/29 broadcast=196.213.192.71 comment="" disabled=\
yes interface=internet-1 network=196.213.192.64
/ip dhcp-server config
set store-leases-disk=5m
/ip dhcp-server lease
add address=192.168.84.233 client-id=1:0:90:a9:4d:f3:62 comment="" disabled=\
no mac-address=00:90:A9:4D:F3:62
add address=192.168.84.232 client-id=1:0:14:85:51:48:b6 comment="" disabled=\
no mac-address=00:14:85:51:48:B6
add address=192.168.84.227 comment="" disabled=no mac-address=\
00:14:D1:70:4E:91
add address=192.168.84.170 comment="" disabled=no mac-address=\
00:30:13:F1:C1:8D
add address=192.168.84.169 client-id=1:0:21:91:d4:c7:72 comment="" disabled=\
no mac-address=00:21:91:D4:C7:72
add address=192.168.84.231 client-id=1:0:d:61:81:e9:d3 comment="" disabled=no \
mac-address=00:0D:61:81:E9:D3
add address=192.168.84.161 client-id=1:0:9:45:54:2:e2 comment="" disabled=no \
mac-address=00:09:45:54:02:E2
add address=192.168.84.160 client-id=1:0:80:92:8:9c:76 comment="" disabled=no \
mac-address=00:80:92:08:9C:76
add address=192.168.84.157 client-id=1:0:13:49:ab:55:e comment="" disabled=no \
mac-address=00:13:49:AB:55:0E
add address=192.168.84.132 client-id=1:0:2:d1:a:50:b comment="" disabled=no \
mac-address=00:02:D1:0A:50:0B
add address=192.168.84.130 client-id=1:0:13:49:ab:1c:c3 comment="" disabled=\
no mac-address=00:13:49:AB:1C:C3
add address=192.168.84.131 client-id=1:0:22:15:70:e4:56 comment="" disabled=\
no mac-address=00:22:15:70:E4:56
add address=192.168.84.129 client-id=1:0:c:42:8:fa:25 comment="" disabled=no \
mac-address=00:0C:42:08:FA:25
/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=8192KiB \
max-udp-packet-size=1024 servers=168.210.2.2,196.14.239.2
/ip firewall connection tracking
set enabled=yes generic-timeout=10m icmp-timeout=10s tcp-close-timeout=10s \
tcp-close-wait-timeout=10s tcp-established-timeout=1d \
tcp-fin-wait-timeout=10s tcp-last-ack-timeout=10s \
tcp-syn-received-timeout=5s tcp-syn-sent-timeout=5s tcp-syncookie=no \
tcp-time-wait-timeout=10s udp-stream-timeout=3m udp-timeout=10s
/ip firewall filter
add action=drop chain=input comment="" disabled=no dst-port=8080 \
in-interface=Internet-in-1 protocol=tcp src-address=0.0.0.0/0
/ip firewall nat
add action=redirect chain=dstnat comment="" disabled=no dst-address-list=!not \
dst-port=80 in-interface=Local-In protocol=tcp to-ports=8080
add action=masquerade chain=srcnat comment="" disabled=no out-interface=\
internet-1
/ip firewall service-port
set ftp disabled=no ports=21
set tftp disabled=no ports=69
set irc disabled=no ports=6667
set h323 disabled=no
set sip disabled=no ports=5060,5061
set pptp disabled=no
/ip neighbor discovery
set internet-1 discover=no
set PPPOE-Register discover=no
set Internet-in-1 discover=no
set internet-2 discover=no
set Local-In discover=yes
set inet2 discover=no
set ether2 discover=no
set "Voip Network" discover=no
set network discover=no
set bridge1 discover=yes
/ip proxy
set always-from-cache=yes cache-administrator=USE cache-hit-dscp=4 \
cache-on-disk=yes enabled=yes max-cache-size=98028000KiB \
max-client-connections=5000 max-fresh-time=3d max-server-connections=5000 \
parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080,3128 \
serialize-connections=no src-address=0.0.0.0
/ip proxy access
add action=allow comment="" disabled=no
/ip proxy cache
add action=allow comment="" disabled=no path=*.jpg
add action=allow comment="" disabled=no path=*.png
add action=allow comment="" disabled=no path=*.swf
add action=allow comment="" disabled=no path=*.gif
add action=allow comment="" disabled=no path=*.mp3
add action=allow comment="" disabled=no path=*.tiff
add action=deny comment="" disabled=no dst-host=""
/ip proxy direct
add action=allow comment="" disabled=no
/ip route
add comment="" disabled=no distance=1 dst-address=0.0.0.0/0 gateway=\
196.213.192.65 scope=30 target-scope=10
/ip service
set telnet address=0.0.0.0/0 disabled=yes port=23
set ftp address=0.0.0.0/0 disabled=no port=21
set www address=0.0.0.0/0 disabled=no port=81
set ssh address=0.0.0.0/0 disabled=yes port=22
set www-ssl address=0.0.0.0/0 certificate=none disabled=yes port=443
set api address=0.0.0.0/0 disabled=yes port=8728
set winbox address=0.0.0.0/0 disabled=no port=8291
/ip socks
set connection-idle-timeout=2m enabled=no max-connections=200 port=52387
/ip traffic-flow
set active-flow-timeout=30m cache-entries=4k enabled=yes \
inactive-flow-timeout=15s interfaces=all
/ip traffic-flow target
add address=192.168.84.214:2055 disabled=no v9-template-refresh=20 \
v9-template-timeout=30m version=5
add address=196.213.192.67:2055 disabled=no v9-template-refresh=20 \
v9-template-timeout=30m version=5
/ip upnp
set allow-disable-external-interface=no enabled=no show-dummy-rule=no
/ipv6 nd
add advertise-dns=no advertise-mac-address=yes disabled=no hop-limit=\
unspecified interface=all managed-address-configuration=no mtu=\
unspecified other-configuration=no ra-delay=3s ra-interval=3m20s-10m \
ra-lifetime=30m reachable-time=unspecified retransmit-interval=\
unspecified
/ipv6 nd prefix default
set autonomous=yes preferred-lifetime=1w valid-lifetime=4w2d
/mpls
set dynamic-label-range=16-1048575 propagate-ttl=yes
/mpls interface
add comment="" disabled=no interface=all mpls-mtu=1508
/mpls ldp
set distribute-for-default-route=no enabled=no hop-limit=255 loop-detect=no \
lsr-id=0.0.0.0 path-vector-limit=255 transport-address=0.0.0.0 \
use-explicit-null=no
/ppp aaa
set accounting=no interim-update=0s use-radius=yes
/queue interface
set internet-1 queue=ethernet-default
set PPPOE-Register queue=ethernet-default
set Internet-in-1 queue=ethernet-default
set internet-2 queue=ethernet-default
set Local-In queue=ethernet-default
set inet2 queue=ethernet-default
set ether2 queue=ethernet-default
set "Voip Network" queue=ethernet-default
set network queue=ethernet-default
set bridge1 queue=default
/radius
add accounting-backup=no accounting-port=1813 address=127.0.0.1 \
authentication-port=1812 called-id="" comment="" disabled=no domain="" \
realm="" secret=xx service=ppp timeout=300ms
/radius incoming
set accept=yes port=3799
/routing bfd interface
set all comment="" disabled=no interface=all interval=0.2sec min-rx=0.2sec \
multiplier=5
/routing igmp-proxy
set query-interval=2m5s query-response-interval=10s quick-leave=no
/routing mme
set bidirectional-timeout=2 gateway-class=none gateway-keepalive=1m \
gateway-selection=no-gateway origination-interval=5s preferred-gateway=\
0.0.0.0 timeout=1m ttl=50
/routing ospf network
add area=Backbone comment="" disabled=no network=0.0.0.0/0
/routing pim
set switch-to-spt=yes switch-to-spt-bytes=0 switch-to-spt-interval=1m40s
/routing rip
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
routing-table=main timeout-timer=3m update-timer=30s
/routing ripng
set distribute-default=never garbage-timer=2m metric-bgp=1 metric-connected=1 \
metric-default=1 metric-ospf=1 metric-static=1 redistribute-bgp=no \
redistribute-connected=no redistribute-ospf=no redistribute-static=no \
timeout-timer=3m update-timer=30s
/store
add comment="" disabled=no disk=sata1 name=user-manager1 type=user-manager
add comment="" disabled=no disk=sata2 name="Proxy Drive" type=web-proxy
add comment="" disabled=no disk=sata1 name=dude1 type=dude
/system clock
set time-zone-name=Africa/Johannesburg
/system clock manual
set dst-delta=+00:00 dst-end="jan/01/1970 00:00:00" dst-start=\
"jan/01/1970 00:00:00" time-zone=+00:00
/system console
set [ find vcno=1 ] disabled=no term=linux
set [ find vcno=2 ] disabled=no term=linux
set [ find vcno=3 ] disabled=no term=linux
set [ find vcno=4 ] disabled=no term=linux
set [ find vcno=5 ] disabled=no term=linux
set [ find vcno=6 ] disabled=no term=linux
set [ find vcno=7 ] disabled=no term=linux
set [ find vcno=8 ] disabled=no term=linux
/system console screen
set line-count=40
/system hardware
set multi-cpu=no
/system health
set state-after-reboot=enabled
/system identity
set name=Proxy
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: network-------proxybridge-------modem

Wed May 12, 2010 3:22 pm

What is your problem?
 
xezen
Long time Member
Long time Member
Topic Author
Posts: 628
Joined: Fri May 30, 2008 10:23 am
Location: South Africa

Re: network-------proxybridge-------modem

Thu May 13, 2010 4:44 am

trance parent proxy over a bridge (the settings i posted are for the proxy bridge)where im having problem
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: network-------proxybridge-------modem

Thu May 13, 2010 10:20 am

Still I do not see, what exactly does not work with proxy on the bridge.
 
xezen
Long time Member
Long time Member
Topic Author
Posts: 628
Joined: Fri May 30, 2008 10:23 am
Location: South Africa

Re: network-------proxybridge-------modem

Thu May 13, 2010 10:43 am

if i relay it to proxy http times out

dstnat port 80 to 8080
 
xezen
Long time Member
Long time Member
Topic Author
Posts: 628
Joined: Fri May 30, 2008 10:23 am
Location: South Africa

Re: network-------proxybridge-------modem

Fri May 14, 2010 12:34 pm

how to set up proxy

i need help to set up proxy on x86 with 2 eth ports

if both borts are in a bridge how can i set up trance parrent proxy

with this setup

as i cant get it to work

please help
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: network-------proxybridge-------modem

Fri May 14, 2010 3:07 pm

Set proxy port as 8080 only, unset out-interface for /ip firewall nat rule (make sure proxy traffic is not blocked in /ip firewall filter).

Who is online

Users browsing this forum: ToTheCLI and 24 guests