Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Proxy pfsense tidak bisa di NAT Transparent Proxy oleh mikrotik

    Scheduled Pinned Locked Moved Indonesian
    7 Posts 3 Posters 9.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kidx13
      last edited by

      Mohon bantuan rekan2 yang menggunakan pfsense sebagai proxynya.
      saya sudah berhasil menginstall lusca di pfsense.
      di test oleh browser, input ip proxy dan portnya. proxynya berfungsi.

      yang jadi masalah, adalah ketika dari mikrotik saya buat nat untuk transparent proxy ke kroxy pfsense, ternyata gagal. tidak bisa browsing sama sekali.

      bagian mana yang mesti saya setting supaya tranparent proxy nya bekerja ?

      1 Reply Last reply Reply Quote 0
      • S
        serangku
        last edited by

        apakah link berikut bermanfaat brother …

        http://forum.pfsense.org/index.php/topic,35987.0.html

        masak kudu disuapin mulu [becanda] …  ;D

        1 Reply Last reply Reply Quote 0
        • K
          kidx13
          last edited by

          sudah coba

          ini nat di mikrotiknya, sengaja di disable, klo di aktifkan, koneksi internet bermasalah

          Flags: X - disabled, I - invalid, D - dynamic
          0 X ;;; place hotspot rules here
              chain=unused-hs-chain action=passthrough

          1 X ;;; NAT-Modem
              chain=srcnat action=masquerade out-interface=ether1-Modem

          2  ;;; NAT Public
              chain=srcnat action=masquerade out-interface=speedy

          6 X ;;; TRANSPARENT PROX + BYPASS CACHE SERVER LOKAL
              chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp dst-address-list=!Proxy in-interface=WiFi_All dst-port=80,8080,3128

          7 X ;;; TRANSPARENT PROXY
              chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp src-address-list=Local+Server dst-address-list=!Proxy
              dst-port=80,8080,3128

          1 Reply Last reply Reply Quote 0
          • K
            kidx13
            last edited by

            ini log firewallnya
            saya pake ip 192.168.99.166

            Act   Time                 If Source                 Destination         Proto
            block    Jul 18 14:50:29 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:49:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:48:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:47:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:46:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:45:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:44:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:43:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:42:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:41:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:40:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:40:00 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
            block    Jul 18 14:39:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:38:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:37:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:36:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:35:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:34:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:33:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:32:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:32:05 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:32:05 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:37 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:37 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:31:22 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:22 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:16 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:16 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:13 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:13 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:11 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:11 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:30:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:29:51 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:30 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
            block    Jul 18 14:29:21 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:29:06 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:59 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:56 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
            block    Jul 18 14:28:55 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA

            1 Reply Last reply Reply Quote 0
            • K
              kidx13
              last edited by

              mohon petunjuk nya, yang ingin saya ketahui adalah apakah masalah berasal dari pfsense atau mikrotiknya ?

              1 Reply Last reply Reply Quote 0
              • C
                chino
                last edited by

                Udah coba di perhatikan kembali access list yang ada di setting lusca?

                Kalo kita pake ip standart "LAN Pfsense" Emank gak masalah tetapi bila qita ingin mentranslate ip lain yang menggunakan proxy harusnya diberikan izin untuk mengakses Lusca tersebut.

                Semoga membantu..

                1 Reply Last reply Reply Quote 0
                • C
                  chino
                  last edited by

                  @j_boy:

                  hmm..acl di lusca udah di add, firewall udah di allow…

                  maksud ip standar "LAN pfsense" yg mana ya, bro sis.net.id? ??? (yg default ini maksudnya bukan?-> 192.168.1.1...)
                  udah coba jg yg itu tpi masih blum bisa jg...

                  pada saat browsing trafficnya di rb750 kelihatan...tpi tetap g bisa ngenet

                  cek di system log- firewall   gak nampak... ::) ::)    (padahal awal nginstall trus ngeredirect lancar, coba2 reinstall semua malah g bisa, padahal konfigurasi gak ada berubah/persis sama dg yg pertama)

                  masih blm berhasil...kira2 apa ya... ::) ::) ::)

                  Untuk d MT-nya cukup dengan.

                  ;;; proxy
                      chain=dstnat action=dst-nat to-addresses=192.168.200.1 to-ports=3128
                      protocol=tcp in-interface=Local dst-port=80

                  Di pf-nya
                  centang allow user interface + transparent proxy

                  Proxysc.jpg
                  Proxysc.jpg_thumb

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.