Hello,

Please can some one give me a bit of info.. I have looked at this link

http://www.mikrotik.com/testdocs/ros/2.9/ip/webproxy.php and confused the hell out of me..

And i am well still confused.. We run a 2.6 Squid server on a standalone machine. I dont want the ROUTEROS to handle the cache, all i want is it to forward all the webpage requests to the SQUID Server.

Ok this is our network layout

192.168.0.x/24 Customers -----> 192.168.0.251 (RouterOS Gatway) ----> 192.168.0.2 DNS Server -----> 192.168.0.4 — Squid Server ----> 192.168.0.1 Internet Modem

Here is my config so far:

ADDRESS NETWORK BROADCAST INTERFACE

0 ;;; local Lan
192.168.0.251/24 192.168.0.0 192.168.0.255 ether1
1 ;;; WAN
192.168.9.100/24 192.168.9.0 192.168.9.255 ether2

Flags: X - disabled, I - invalid, D - dynamic
0 chain=srcnat action=masquerade

DST-ADDRESS PREF-SRC G GATEWAY DISTANCE IN..

0 A S 0.0.0.0/0 r 192.168.9.1 1 et..
1 ADC 192.168.0.0/24 192.168.0.251 0 et..
2 ADC 192.168.9.0/24 192.168.9.100 0 et..

So do i need to add a route or use the ROUTEROS Proxy and point and a parent proxy.

I WILL UNDERSTAND THIS ONE DAY! If anyone can point me in the right direction to a simple way to configure this, as i am very new to ROUTEROS and SQUID so its a learning curve.

Then all i have to get working is NLB and failover… then all done, PROJECT FINISHED!!! I have to say i would not have got this far with out this forum!! THANK YOU ALL!!!

Hope you can help…

Regards

D

what exactly was confising there? it’s as simple as it gets. two steps:

1. set parent proxy in proxy settings
2. enable proxy

oh i think i have been confusing myself more than anything… Will give it a try.

I need to install the package, do i need to reinstall the whole lot? I am running on a demo version to get setup then going to buy the licence.

Can i get the package when using a demo?

webproxy is not working in the demo version. you can try it only in the key-less 24h version.

another approach would be to not use any webproxy on the RouterOS, but just make a DST-NAT rule with action DST-NAT to redirect all TCP:80 traffic to your Squid

ip firewall
dst-nat protocol=tcp dst-port=80 Action dst-nat to-address=192.168.0.4 to-ports=3128

Would that be correct then?

looks correct to me

ok, that seems to be working, now i have a problem with squid i think. I get this error..

ERROR
The requested URL could not be retrieved

While trying to process the request:

GET / HTTP/1.1
Host: http://www.google.co.uk
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.8.1.15) Gecko/20080623 Firefox/2.0.0.15
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,/;q=0.5
Accept-Language: en-gb,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Connection: keep-alive
Cookie: PREF=ID=111371bc4a18835c:TM=1211629667:LM=1211629667:S=TmP82Z5GPKJkLUT-; NID=12=chy9FDypusRC8gb7w7ZNlHqolb-YF7JDgYz-4P5Pjsn8u1Rbj3Owo95IdtuA3TWM8MoVAAlY3TZ8qI1NQt0DKW9k9N3Nc1HPOHZhzYSl-vQfWt4hIWadJmFKkbN00i-y; S=photos_html=Hux7A7CkRziZm-EnpvUdyw



The following error was encountered:

• Invalid Request

Some aspect of the HTTP Request is invalid. Possible problems:

• Missing or unknown request method
• Missing URL
• Missing HTTP Identifier (HTTP/1.0)
• Request is too large
• Content-Length missing for POST or PUT requests
• Illegal character in hostname; underscores are not allowed

Your cache administrator is webmaster.

maybe try searching this forum? I see a lot of similar issues:
http://forum.mikrotik.com/t/mikrotik-with-external-proxy/18584/1

(there is some solution also)

Do some google of setting your squid to be transparent proxy.

I think this will fix that error

Once again thanks to the Forum i was able to get squid now working correctly as a Transparent Cache.

Now got to work on failover just in case it stops working. If anyone is having problems configuring squid, please email me and i will send you my squid.conf setup with the RouterOS Config so you can setup like it did…

OK now failover