ADN
March 15, 2009, 1:48am
1
Hi,
I need help or reliable advice.
I have never tried web proxy before.
I need to allow access to selected websites only and deny access to all other websites on the internet. And if any employee tries to access any other site, I want to redirect him to a selected page on a local server with a message like “Do your Job”.
And block all the other services: msn, yahoo chat, ares, torrent, emule.
Only selected VIP workers will have access to internet (DMZ)
I am using routerboard 500 with MT3.20
ADN
March 20, 2009, 3:23am
2
Hmmm, no one has an idea? Any help?
janisk
March 20, 2009, 1:53pm
3
ADN
March 21, 2009, 2:20am
4
Ok,
I have read the documentation about proxy, and this is what I did until now, with no success at all.
I made some rules in the firewall and NAT; here are my exports.
Filter
add action=accept chain=forward comment="DMZ IT PC" disabled=no protocol=tcp src-address=10.1.10.83
add action=accept chain=forward comment="DMZ Boss" disabled=no protocol=tcp src-address=10.1.10.102
add action=accept chain=forward comment="DMZ JBoss2" disabled=no protocol=tcp src-address=10.1.10.88
add action=accept chain=forward comment="DMZ Boss3" disabled=no protocol=tcp src-address=10.1.10.89
add action=drop chain=forward comment="Port 80 Block access to web,and msn" disabled=no dst-port=80 protocol=tcp
Nat
add action=masquerade chain=srcnat comment="" disabled=no
add action=redirect chain=dstnat comment="REDIRECT WEB PROXY" disabled=yes dst-port=80 in-interface=LAN protocol=tcp to-ports=8080
Web Proxy
/ip proxy> print
enabled: no
src-address: 10.1.10.0
port: 8080
parent-proxy: 0.0.0.0
parent-proxy-port: 0
cache-administrator: ""
max-cache-size: none
cache-on-disk: yes
max-client-connections: 150
max-server-connections: 150
max-fresh-time: 3d
serialize-connections: no
always-from-cache: no
cache-hit-dscp: 4
cache-drive: syste
Proxy access
/ip proxy access
add action=allow comment=WWW.HOTMAIL.COM disabled=no dst-host=www.hotmail.com
add action=allow comment="mail.live.com HOTMAIL" disabled=no dst-host=login.live.com
add action=allow comment="" disabled=no dst-host=http://login.live.com
add action=allow comment="TRIBUNAL ELECTORAL" disabled=no dst-host=www.tribunal-electoral.gob.pa
add action=allow comment="" disabled=no dst-host=http://ve.tribunal-electoral.gob.pa/verificatepanama
add action=allow comment="Callcenter backup" disabled=no dst-host=http://70.35.62.120/inteligence/captura/index.php
add action=allow comment="" disabled=no dst-host=http://www.unitedstates.com/literature/mycenter/index.php
add action=allow comment="" disabled=no dst-host=http://www.myphonebook.com/books/readalot/index.php
add action=allow comment="" disabled=no dst-host=http://www.workingout.com/yearrigt/photos/vagancia.php
add action=allow comment=gmail disabled=no dst-host=www.gmail.com
add action=deny comment="Star working Dude" disabled=no redirect-to=www.mydomain.com/converge/staff/vagancia.php src-address=10.1.10.0/24
For some reason I am able to access the main page of this site http://www.tribunal-electoral.gob.pa but when I click on a link inside that page nothing is displayed.
And when I try to see if the redirect rule works, the browser says loop error; when I disable the proxy redirect dst-nat I am able to get the redirect to work.
What I need is to let people use hotmail and gmail with no problem, just the web mail, and if someone tries to navigate to facebook or any other website not listed, that user will be redirected to a page “warning him to start working”.
But I don't know why the access to hotmail and gmail is not possible and my redirect is not working.
I am working on a rule to allow software updates for kaspersky and windows.
The principals in this office have full access to the internet.
Any help?
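An added example, not part of the thread and not MikroTik code: a small Python check run over a constructed subset of the proxy access rules posted above. It assumes that `dst-host` is compared against the requested host name only (the page path belongs in the separate `path` property) and that a `redirect-to` target fetched through the proxy must itself match an allow rule; `RULES`, `parse`, `host_of`, `allowed` and `lint` are hypothetical names.

```python
import fnmatch
import re
import shlex

# Constructed sample: a subset of the rules from the post, with plain quotes.
RULES = r'''
add action=allow comment=gmail dst-host=www.gmail.com
add action=allow comment="" dst-host=http://login.live.com
add action=allow dst-host=http://ve.tribunal-electoral.gob.pa/verificatepanama
add action=deny redirect-to=www.mydomain.com/converge/staff/vagancia.php src-address=10.1.10.0/24
'''

def parse(text):
    """Turn 'add key=value ...' export lines into a list of dicts."""
    rules = []
    for line in text.strip().splitlines():
        words = shlex.split(line)
        if words and words[0] == "add":
            rules.append(dict(w.split("=", 1) for w in words[1:] if "=" in w))
    return rules

def host_of(value):
    """Host part of a URL-like string: drop scheme, path and port."""
    return re.sub(r"^[a-z]+://", "", value, flags=re.I).split("/")[0].split(":")[0]

def allowed(host, rules):
    """True if an allow rule's dst-host (* and ? wildcards) matches host.
    A rule without dst-host is treated as matching any host; regex
    patterns (leading ':') and other matchers are not modelled here."""
    return any(r.get("action") == "allow" and
               fnmatch.fnmatchcase(host.lower(), r.get("dst-host", "*").lower())
               for r in rules)

def lint(rules):
    """Return (rule index, finding, host) tuples for the two checks."""
    findings = []
    for n, r in enumerate(rules):
        dst = r.get("dst-host", "")
        if "://" in dst or "/" in dst:
            findings.append((n, "dst-host-not-a-hostname", host_of(dst)))
        target = r.get("redirect-to")
        if r.get("action") == "deny" and target and not allowed(host_of(target), rules):
            findings.append((n, "redirect-target-not-allowed", host_of(target)))
    return findings

if __name__ == "__main__":
    for finding in lint(parse(RULES)):
        print(finding)
```
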
ADN
March 25, 2009, 9:05pm
5
This forum is supposed to be for MikroTik users to share knowledge, but I don't find any help.
normis
March 26, 2009, 7:13am
6
Your proxy is not even enabled. Start with that.
ADN
March 26, 2009, 5:45pm
7
Thanks for your reply,
Some features were disabled when I performed the export for this post, because all of my posted setup related to web-proxy is not working.
That's why my proxy is disabled; if I enable the configuration, the company can't access the sites related to work.
ADN
March 27, 2009, 9:56pm
8
Thanks macbeton.
Your post has solved my problem.