hello all,
i’ve got an issue with a proxy server I’m running on one of our mikrotik routers.
I have:
(office network 10.0.0.0/24)----(10.0.0.254-mikrotik)----(internet link 1)
\___(Internet link 2)
Internet link 1 is the primary link and has the default route (0.0.0.0/0 via internet link 1)
I then have a mangle rule to force port 80 and 443 (http and https) traffic out over internet link 2.
This on its own works fine.
I’ve been trying to setup the mikrotik proxy on this box and created a dst-nat rule for port 80 (forwarding to 10.0.0.254:8080) to forward all office computers through the proxy transparently, however when I check I can see the proxy is sending all of its traffic over internet link 1.
I’ve confirmed that on the proxy the src-address is set to 10.0.0.254 but none of this traffic even shows up on the mangle rule.
Any ideas?
/ip proxy
set always-from-cache=yes cache-administrator=<email removed> cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=600 \
max-fresh-time=4w2d max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=10.0.0.254
/ip proxy access
add action=allow comment="" disabled=no src-address=10.0.0.0/24
add action=deny comment="" disabled=no