Community discussions

MikroTik App
  4. RouterOS
  5. Beginner Basics

Squid with mikrotik router

Locked
 
niren
Frequent Visitor
Frequent Visitor
Topic Author
Posts: 76
Joined: Mon Oct 14, 2013 9:59 am

Squid with mikrotik router

Sat Oct 26, 2013 11:04 am

I tried to connect squid3 in my network to use high anonymity proxy. This is how my network is right now
Code: Select all
   
    WAN LINK
         |
 -------------           ---------------------------
| Mikrotik Box |        |   Ubuntu Server with squid3  |
 -------------          ----------------------------
         |                 /
         |               /
 ----------------------
| Switch ( Cheap one ) |
 ----------------------
    |         |        |       
  Client1  Client2  Client3   etc.
after this setup I changed squid.conf in Ubuntu server as

1. http_port 8080

2. acl localhost src xxx.xxx.xxx.xxx(Ubuntu server IP)

3 acl to_localhost dst xxx.xxx.xxx.xxx(Mikrotik router gateway) I assume that redirected http from Mikrotik router will be redirect again to Mikrotik router.

4. uncomment access log /var/log/squid3/access.log

5. add visible_hostname myname

save squid.conf and restart squid3 server.

Then I have added nat rule in Mikrotik router

ip/firewall/nat
Code: Select all
1.  add chain=dstnat src_address=xxx.xxx.xxx.xxx(ununtu server IP) dst-port=80 protocol=tcp action=accept

2. add chain=dstnat src_address=xxx.xxx.xxx.xxx/28(LAN address) dst-port=80 protocol=tcp action=dst-nat to-address=xxx.xxx.xxx.xxx(ununtu server IP) to-port=8080
now I can not able to access internet from client1 system, If I remove these two nat rule then I can access internet. what is wrong I have made?
Top
 
PeterSullivan
newbie
Posts: 30
Joined: Wed Jul 31, 2013 3:03 pm
Contact:
Contact PeterSullivan

Re: Squid with mikrotik router

Sat Oct 26, 2013 3:03 pm

Have you checked all the setting what about DNS setting have you checked all those.
Top
 
User avatar
aacable
Member
Member
Posts: 435
Joined: Wed Sep 17, 2008 11:58 am
Location: ISLAMIC Republic of PAKISTAN
Contact:
Contact aacable

Re: Squid with mikrotik router

Wed Oct 30, 2013 7:40 am

Squid MUST be connected with mikrotik to isolate it from the user LAN, not to switch.
for example:

Mikrotik
LAN1 = User LAN 10.0.0.x
LAN2 = WAN 1.2.3.x
LAN3 = to SQUID 192.168.1.x

then use dst-nat method to route port 80 request to squidip:port

That's it :)
Code: Select all
  add chain=dstnat src_address=xxx.xxx.xxx.xxx(ununtu server IP) dst-port=80 protocol=tcp action=accept
the above rule is required if you are using MARK n ROUTE method, also in mark-n-route method, squid must have user subnet ROUTE defined in order to connect with user. Avoid this method if you are new to squid and mikrotik. simply use dst-nat method which is easy and quick , i have few guides on both dst-nat and mark-n-route method :D
Top
Locked

Who is online

Users browsing this forum: Wxjeep and 74 guests
  4. RouterOS
  5. Beginner Basics