Community discussions

MikroTik App
 
hesaum
just joined
Topic Author
Posts: 24
Joined: Wed Jun 20, 2012 8:16 am

Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 5:16 pm

I have 2 default gw , I want to redirect Mikrotiks web proxy traffic through VPN, So everyone by setting proxy can use VPN. Here is what I did ..
enabled web proxy on interface address
mangle all 8080 traffic ( mark routing)
add a route to VPN gw with mark routing
add dnat on VPN interface

Not Worked ..Still, traffic goes through the first GW

Any Idea
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 5:22 pm

The web proxy is not a routing service, it has an inside that takes the connects to port 8080 and an outside that connects to the desired server.
So it is not possible to apply marks to the inside traffic and expect them to work on the outside traffic.
It generally is difficult to apply marks and routing rules to traffic originating from the router itself. You can apply them in the output chain but there is no easy way to match "traffic from the proxy service".
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 5:30 pm

Forget about Mikrotik "proxy".
Back in 1990 that was perhaps a good idea, these days almost everything is HTTPS and/or QUIC (using UDP) and Mikrotik does not support any of these.
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 6:36 pm

The MikroTik proxy does support HTTPS!
Of course only when explicitly configured, not as transparent proxy.
 
hesaum
just joined
Topic Author
Posts: 24
Joined: Wed Jun 20, 2012 8:16 am

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 6:40 pm

Thanks, guys, What's your suggestion for my issue .
 
pe1chl
Forum Guru
Forum Guru
Posts: 10194
Joined: Mon Jun 08, 2015 12:09 pm

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 7:01 pm

Suggestion is to find some other way to know where to send the traffic.
E.g. make 2 different user networks (VLAN and/or WiFi SSID) for two groups of clients, and use the source address (which network) to route the traffic.

Or, with a single network, assign fixed addresses to the clients you want to use the second ISP (make the DHCP lease static) and put them in an address list to decide the routing.
 
User avatar
jvanhambelgium
Forum Veteran
Forum Veteran
Posts: 985
Joined: Thu Jul 14, 2016 9:29 pm
Location: Belgium

Re: Redirect web proxy traffic to second ISP

Thu Jul 08, 2021 10:27 pm

The MikroTik proxy does support HTTPS!
Of course only when explicitly configured, not as transparent proxy.
Indeed it seems to do so.
A very outdated wiki page made me believe it did only HTTP

Who is online

Users browsing this forum: Ahrefs [Bot], BioMax, reinerotto and 28 guests