Force Web Proxy to use LTE connection only

Hi,
I would like to configure an LtAP mini to function as a web proxy which is accessed via the ethernet port. I’d like web proxy requests to go via the LTE interface only, and any other internet requests to go via the ethernet port. When configuring the web proxy we can only set the source address of requests to somewhat control where they get proxied to. The ip address of the LTE interface is dynamic which makes this a little awkward as it would need to get updated every time it changes.

Is there a nice solution to this? I wondered if I could somehow have an isolated network containing only the LTE interface and a bridge, and set the source address in web proxy to a local IP that would use NAT to go via whatever address the LTE interface was currently using, but I’m not sure that’s possible because the LTE interface doesn’t seem to work like an ethernet interface.

I was able to get the behaviour I wanted by manually setting the web proxy source address to the LTE ip address and creating a static route to a specific IP, i.e.

/ip route
add disabled=no dst-address=172.67.168.106 gateway=lte1 routing-table=main suppress-hw-offload=no

but that’s not going to work in the general case.

I’ve attached the basic config I have at the moment.
ltap-config.txt (6.6 KB)

/ip addr add address=10.10.10.10 interface=lte1
/ip proxy src-address=10.10.10.10
/ip firewall nat add action=masquerade chain=srcnat src-address=10.10.10.10

Thank you for your response panisk0.

This doesn’t seem to work on its own, the web proxy still routes out via the ether1 IP.

/routing table add fib name=to_WAN_lte
/routing rule add action=lookup src-address=10.10.10.10/32 table=to_WAN_lte
/ip route add dst-address=0.0.0.0/0 gateway=lte1 routing-table=to_WAN_lte

It’s working!
I had to assign the IP address to the bridge instead of lte1, but otherwise this is perfect. Thank you!