• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Proxy pfsense tidak bisa di NAT Transparent Proxy oleh mikrotik

Scheduled Pinned Locked Moved Indonesian
7 Posts 3 Posters 9.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • K
    kidx13
    last edited by Jul 14, 2011, 3:08 PM

    Mohon bantuan rekan2 yang menggunakan pfsense sebagai proxynya.
    saya sudah berhasil menginstall lusca di pfsense.
    di test oleh browser, input ip proxy dan portnya. proxynya berfungsi.

    yang jadi masalah, adalah ketika dari mikrotik saya buat nat untuk transparent proxy ke kroxy pfsense, ternyata gagal. tidak bisa browsing sama sekali.

    bagian mana yang mesti saya setting supaya tranparent proxy nya bekerja ?

    1 Reply Last reply Reply Quote 0
    • S
      serangku
      last edited by Jul 14, 2011, 5:44 PM

      apakah link berikut bermanfaat brother …

      http://forum.pfsense.org/index.php/topic,35987.0.html

      masak kudu disuapin mulu [becanda] …  ;D

      1 Reply Last reply Reply Quote 0
      • K
        kidx13
        last edited by Jul 15, 2011, 1:12 PM

        sudah coba

        ini nat di mikrotiknya, sengaja di disable, klo di aktifkan, koneksi internet bermasalah

        Flags: X - disabled, I - invalid, D - dynamic
        0 X ;;; place hotspot rules here
            chain=unused-hs-chain action=passthrough

        1 X ;;; NAT-Modem
            chain=srcnat action=masquerade out-interface=ether1-Modem

        2  ;;; NAT Public
            chain=srcnat action=masquerade out-interface=speedy

        6 X ;;; TRANSPARENT PROX + BYPASS CACHE SERVER LOKAL
            chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp dst-address-list=!Proxy in-interface=WiFi_All dst-port=80,8080,3128

        7 X ;;; TRANSPARENT PROXY
            chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp src-address-list=Local+Server dst-address-list=!Proxy
            dst-port=80,8080,3128

        1 Reply Last reply Reply Quote 0
        • K
          kidx13
          last edited by Jul 18, 2011, 6:56 AM

          ini log firewallnya
          saya pake ip 192.168.99.166

          Act   Time                 If Source                 Destination         Proto
          block    Jul 18 14:50:29 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:49:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:48:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:47:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:46:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:45:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:44:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:43:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:42:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:41:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:40:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:40:00 LAN 0.0.0.0:68 255.255.255.255:67 UDP
          block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
          block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
          block    Jul 18 14:39:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:38:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:37:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:36:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:35:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:34:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:33:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:32:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:32:05 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:32:05 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:37 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:37 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:31:22 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:22 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:16 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:16 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:13 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:13 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:11 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:11 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:30:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:29:51 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:29:30 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:29:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
          block    Jul 18 14:29:21 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:29:06 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:28:59 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:28:56 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
          block    Jul 18 14:28:55 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA

          1 Reply Last reply Reply Quote 0
          • K
            kidx13
            last edited by Jul 19, 2011, 9:16 AM Jul 19, 2011, 9:03 AM

            mohon petunjuk nya, yang ingin saya ketahui adalah apakah masalah berasal dari pfsense atau mikrotiknya ?

            1 Reply Last reply Reply Quote 0
            • C
              chino
              last edited by Nov 5, 2011, 4:13 AM

              Udah coba di perhatikan kembali access list yang ada di setting lusca?

              Kalo kita pake ip standart "LAN Pfsense" Emank gak masalah tetapi bila qita ingin mentranslate ip lain yang menggunakan proxy harusnya diberikan izin untuk mengakses Lusca tersebut.

              Semoga membantu..

              1 Reply Last reply Reply Quote 0
              • C
                chino
                last edited by Nov 16, 2011, 4:51 PM

                @j_boy:

                hmm..acl di lusca udah di add, firewall udah di allow…

                maksud ip standar "LAN pfsense" yg mana ya, bro sis.net.id? ??? (yg default ini maksudnya bukan?-> 192.168.1.1...)
                udah coba jg yg itu tpi masih blum bisa jg...

                pada saat browsing trafficnya di rb750 kelihatan...tpi tetap g bisa ngenet

                cek di system log- firewall   gak nampak... ::) ::)    (padahal awal nginstall trus ngeredirect lancar, coba2 reinstall semua malah g bisa, padahal konfigurasi gak ada berubah/persis sama dg yg pertama)

                masih blm berhasil...kira2 apa ya... ::) ::) ::)

                Untuk d MT-nya cukup dengan.

                ;;; proxy
                    chain=dstnat action=dst-nat to-addresses=192.168.200.1 to-ports=3128
                    protocol=tcp in-interface=Local dst-port=80

                Di pf-nya
                centang allow user interface + transparent proxy

                Proxysc.jpg
                Proxysc.jpg_thumb

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received