Here is what I’m trying to accomplish. I am on a network that requires the use of a proxy server. I would prefer to not enter all the settings for the proxy into every device. Thus I want to use my mikrotik to forward all traffic to the proxy server. On my rb750, I will have one port connecting to the network, the other ports I would like to function as simple switch ports and then rules for all those ports to forward traffic to ip server. I found the article in the wiki on making a transparent web proxy but that’s not exactly what I’m trying to do. Any advice would be greatly appreciated.
I agree proxying 443 is not at all possible on Mikrotik’s own proxy, but apparently some proxies claim they can handle this such as Squid using whats called the CONNECT Tunnel method (RFC2817) - http://wiki.squid-cache.org/Features/HTTPS
I included TCP 443 just to capture all browser traffic.
The WPAD idea is excellent as I have used that for PC’s in a school environment. The one glitch with that method is that Tablets dont recognise it - (at least they didnt when we tried …hehe ) so for that we used a dstnat rule to force them to use Squid.
Yup - WPAD for the willing, and dstnat for the clueless or mischievous.
I never set it up myself, but I did configure a ROS proxy manually in my browser one time helping in another thread here, and SSL worked without certificate issues when I did that. (explicitly set the router as my proxy)
