Hi,
How to make Web Proxy to work?
I have enabled it, as well created redirect rule to redirect to port 8080.
As i try to add proxy in browser, it doesn’t work either (I’m getting timeout), so something with proxy settings, not the NAT rule. Pretty much i didn’t do any configuration, just enabled proxy itself.
Just want visited sites to be visible in logs.
Mikrotik should remove this “web proxy” module all together from RouterOS.
It is only for HTTP and does not support HTTPS
Most Internet traffic these days is HTTPS.
To put in some numbers (from Netflow).
The last 24h my router processed about 89.000 flows on port 443 , while “port 80” was about 2.000
So that puts things in perspective, only 2% traffic on destination port “80” (which might then probably be non-encrypted)
Is there another way to log visited sites?
You could always go down the DNS path (analyse resolved entries), but that will not give you granularity what has been exactly visited.
And off course not all DNS-lookups lead to visited “websites” so no real 100% match for your requirements.
If you run certain Mikrotik models, you could investigate if some container exist that you could use for this “web proxy” function (eg Squid) and then direct traffic to the container.
But performance wise … dunno .. depends on the expected amount of users.
It is going to be a complex setup…
It is clear that is increasingly difficult to place yourself into the path of “enduser” <> “website” for control/policy/filter reasons.
Do you control all endpoints ? Is this a corporate/enterprise environment or some BYOD-type of deployement ?
It is actually my home network. Just want to see visited sites.
Then you should have a look at squid proxy. Not to run on MT, AFAIK, so you will need a small LINUX host.
However, steep learning curve, for what you want to achieve. But doable.