Proxy pfsense tidak bisa di NAT Transparent Proxy oleh mikrotik
-
Mohon bantuan rekan2 yang menggunakan pfsense sebagai proxynya.
saya sudah berhasil menginstall lusca di pfsense.
di test oleh browser, input ip proxy dan portnya. proxynya berfungsi.yang jadi masalah, adalah ketika dari mikrotik saya buat nat untuk transparent proxy ke kroxy pfsense, ternyata gagal. tidak bisa browsing sama sekali.
bagian mana yang mesti saya setting supaya tranparent proxy nya bekerja ?
-
apakah link berikut bermanfaat brother …
http://forum.pfsense.org/index.php/topic,35987.0.html
masak kudu disuapin mulu [becanda] … ;D
-
sudah coba
ini nat di mikrotiknya, sengaja di disable, klo di aktifkan, koneksi internet bermasalah
Flags: X - disabled, I - invalid, D - dynamic
0 X ;;; place hotspot rules here
chain=unused-hs-chain action=passthrough1 X ;;; NAT-Modem
chain=srcnat action=masquerade out-interface=ether1-Modem2 ;;; NAT Public
chain=srcnat action=masquerade out-interface=speedy6 X ;;; TRANSPARENT PROX + BYPASS CACHE SERVER LOKAL
chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp dst-address-list=!Proxy in-interface=WiFi_All dst-port=80,8080,31287 X ;;; TRANSPARENT PROXY
chain=dstnat action=dst-nat to-addresses=192.168.99.2 to-ports=3128 protocol=tcp src-address-list=Local+Server dst-address-list=!Proxy
dst-port=80,8080,3128 -
ini log firewallnya
saya pake ip 192.168.99.166Act Time If Source Destination Proto
block Jul 18 14:50:29 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:49:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:48:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:47:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:46:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:45:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:44:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:43:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:42:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:41:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:40:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:40:00 LAN 0.0.0.0:68 255.255.255.255:67 UDP
block Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
block Jul 18 14:39:48 LAN 0.0.0.0:68 255.255.255.255:67 UDP
block Jul 18 14:39:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:38:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:37:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:36:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:35:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:34:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:33:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:32:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:32:05 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:32:05 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:37 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:37 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:31:22 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:22 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:16 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:16 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:13 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:13 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:11 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:11 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51910 192.168.99.2:3128 TCP:FA
block Jul 18 14:31:10 LAN 192.168.99.166:51908 192.168.99.2:3128 TCP:FA
block Jul 18 14:30:28 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:29:51 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
block Jul 18 14:29:30 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
block Jul 18 14:29:27 LAN 192.168.1.100:5678 255.255.255.255:5678 UDP
block Jul 18 14:29:21 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
block Jul 18 14:29:06 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
block Jul 18 14:28:59 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA
block Jul 18 14:28:56 LAN 192.168.99.166:47107 192.168.99.2:3128 TCP:FA
block Jul 18 14:28:55 LAN 192.168.99.166:47254 192.168.99.2:3128 TCP:FA -
mohon petunjuk nya, yang ingin saya ketahui adalah apakah masalah berasal dari pfsense atau mikrotiknya ?
-
Udah coba di perhatikan kembali access list yang ada di setting lusca?
Kalo kita pake ip standart "LAN Pfsense" Emank gak masalah tetapi bila qita ingin mentranslate ip lain yang menggunakan proxy harusnya diberikan izin untuk mengakses Lusca tersebut.
Semoga membantu..
-
hmm..acl di lusca udah di add, firewall udah di allow…
maksud ip standar "LAN pfsense" yg mana ya, bro sis.net.id? ??? (yg default ini maksudnya bukan?-> 192.168.1.1...)
udah coba jg yg itu tpi masih blum bisa jg...pada saat browsing trafficnya di rb750 kelihatan...tpi tetap g bisa ngenet
cek di system log- firewall gak nampak... ::) ::) (padahal awal nginstall trus ngeredirect lancar, coba2 reinstall semua malah g bisa, padahal konfigurasi gak ada berubah/persis sama dg yg pertama)
masih blm berhasil...kira2 apa ya... ::) ::) ::)
Untuk d MT-nya cukup dengan.
;;; proxy
chain=dstnat action=dst-nat to-addresses=192.168.200.1 to-ports=3128
protocol=tcp in-interface=Local dst-port=80Di pf-nya
centang allow user interface + transparent proxy