Redirect traffic to different machine on same network

dwschool · February 10, 2010, 9:18pm

I have a mikrotik router sitting on my network that forwards all proxy requests to port 8080 to a different proxy server on the same network (192.192.192.192 → 192.192.192.193). It works great but the log on the proxy server only shows the ip address of the mikrotik router. Is tharer any way to redirect the traffic through the router and still keep the original ip address, kind of like a pass-through only, not a NAT.

Another questions, if i have a mangle rule and a NAT rule on the same connections, are the connections mangled, because its the prerouting chain, and then put through the NAT?

Thanks

Dwayne

sergejs · February 12, 2010, 3:32pm

You can forward traffic to local proxy and log the visited web-pages.
Then move traffic to the parent-proxy by parent-proxy settings in /ip proxy.
Here you can see, how packet is coming through the router, when mangle and NAT occur,
http://wiki.mikrotik.com/wiki/Packet_Flow

dwschool · February 13, 2010, 1:13am

That would work, but my setup is a windows box that uses active directory authentication to allow web access. I would like to log both the username and ip address of the client machine.

sergejs · February 15, 2010, 1:34pm

You are not able to log on the RouterOS active directory username (if you are not using RADIUS for HotSpot).

dwschool · February 15, 2010, 5:56pm

I understand that, is it possible to redirect traffic through the mikrotik and keep the client address so that the windows box sees the original ip. After reading some posts it seemed it was possible through marking the packets and then somehow making a route to the windows machine.