Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Proxy pfsense tidak bisa di NAT Transparent Proxy oleh mikrotik

    Indonesian
    3
    7
    8584
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kidx13 last edited by

      Mohon bantuan rekan2 yang menggunakan pfsense sebagai proxynya.
      saya sudah berhasil menginstall lusca di pfsense.
      di test oleh browser, input ip proxy dan portnya. proxynya berfungsi.

      yang jadi masalah, adalah ketika dari mikrotik saya buat nat untuk transparent proxy ke kroxy pfsense, ternyata gagal. tidak bisa browsing sama sekali.

      bagian mana yang mesti saya setting supaya tranparent proxy nya bekerja ?

      1 Reply Last reply Reply Quote 0
      • S
        serangku last edited by

        apakah link berikut bermanfaat brother …

        http://forum.pfsense.org/index.php/topic,35987.0.html

        masak kudu disuapin mulu [becanda] …  ;D

        1 Reply Last reply Reply Quote 0
        • K
          kidx13 last edited by

          sudah coba

          ini nat di mikrotiknya, sengaja di disable, klo di aktifkan, koneksi internet bermasalah

          Flags: X - disabled, I - invalid, D - dynamic
          0 X ;;; place hotspot rules here
              chain=unused-hs-chain action=passthrough

          1 X ;;; NAT-Modem
              chain=srcnat action=masquerade out-interface=ether1-Modem

          2  ;;; NAT Public
              chain=srcnat action=masquerade out-interface=speedy

          6 X ;;; TRANSPARENT PROX + BYPASS CACHE SERVER LOKAL
              chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp dst-address-list=!Proxy in-interface=WiFi_All dst-port=80,8080,3128

          7 X ;;; TRANSPARENT PROXY
              chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp src-address-list=Local+Server dst-address-list=!Proxy
              dst-port=80,8080,3128

          1 Reply Last reply Reply Quote 0
          • K
            kidx13 last edited by

            ini log firewallnya
            saya pake ip 192.168.99.166

            Act   Time                 If Source                 Destination         Proto
            block    Jul 18 14:50:29 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:49:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:48:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:47:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:46:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:45:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:44:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:43:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:42:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:41:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:40:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:40:00 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:38:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:37:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:36:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:35:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:34:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:33:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:32:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:32:05 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:32:05 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:37 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:37 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:31:22 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:22 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:16 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:16 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:13 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:13 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:11 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:11 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:30:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:29:51 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:30 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:29:21 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:06 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:59 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:56 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:55 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA

            1 Reply Last reply Reply Quote 0
            • K
              kidx13 last edited by

              mohon petunjuk nya, yang ingin saya ketahui adalah apakah masalah berasal dari pfsense atau mikrotiknya ?

              1 Reply Last reply Reply Quote 0
              • C
                chino last edited by

                Udah coba di perhatikan kembali access list yang ada di setting lusca?

                Kalo kita pake ip standart "LAN Pfsense" Emank gak masalah tetapi bila qita ingin mentranslate ip lain yang menggunakan proxy harusnya diberikan izin untuk mengakses Lusca tersebut.

                Semoga membantu..

                1 Reply Last reply Reply Quote 0
                • C
                  chino last edited by

                  @j_boy:

                  hmm..acl di lusca udah di add, firewall udah di allow…

                  maksud ip standar "LAN pfsense" yg mana ya, bro sis.net.id? ??? (yg default ini maksudnya bukan?-> 192.168.1.1...)
                  udah coba jg yg itu tpi masih blum bisa jg...

                  pada saat browsing trafficnya di rb750 kelihatan...tpi tetap g bisa ngenet

                  cek di system log- firewall   gak nampak... ::) ::)    (padahal awal nginstall trus ngeredirect lancar, coba2 reinstall semua malah g bisa, padahal konfigurasi gak ada berubah/persis sama dg yg pertama)

                  masih blm berhasil...kira2 apa ya... ::) ::) ::)

                  Untuk d MT-nya cukup dengan.

                  ;;; proxy
                      chain=dstnat action=dst-nat to-addresses=192.168.200.1 to-ports=3128
                      protocol=tcp in-interface=Local dst-port=80

                  Di pf-nya
                  centang allow user interface + transparent proxy


                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2021 Rubicon Communications, LLC | Privacy Policy