Web proxy через туннели . Нужна помощь .

[V1tam1n]

Имеем Mikrotik Hex . Одно подключение которое смотрит в интернет . Один локальный компьютер . 10 + pptp подключений , которые смотрят в интернет . Софтина , которая должна под разными профилями использовать разные внешние ip . Но в настройках ей для этого можно указать только прокси вида ip:port .
Задача внутри железяки настроить необходимое количество Web Proxy которые в качестве исходящего соединения используют pptp соединения .Заранее спасибо.

[V1tam1n]

Нашел такую тему . Похоже это то что мне надо . Есть кто может подсказать ?

Код: Выделить всё

/ip address
add address=10.0.0.1/8 disabled=no interface=WAN1 network=10.0.0.0
add address=192.168.0.1/24 disabled=no interface=WAN2 network=192.168.0.0
add address=192.168.5.1/24 disabled=no interface=LAN network=192.168.5.0

/ip dns
set allow-remote-requests=yes cache-max-ttl=1w cache-size=5000KiB max-udp-packet-size=512 servers=8.8.8.8

/ip proxy
set always-from-cache=no cache-administrator=webmaster cache-hit-dscp=4 cache-on-disk=yes enabled=yes max-cache-size=unlimited max-client-connections=600 max-fresh-time=3d \
max-server-connections=600 parent-proxy=0.0.0.0 parent-proxy-port=0 port=8080 serialize-connections=no src-address=0.0.0.0

/ip firewall mangle
add action=mark-connection chain=input disabled=no in-interface=WAN1 new-connection-mark=WAN1_conn passthrough=yes
add action=mark-connection chain=input disabled=no in-interface=WAN2 new-connection-mark=WAN2_conn passthrough=yes
add action=mark-connection chain=output comment="Marking Web Proxy Connection for WAN-1" disabled=no dst-port=80 new-connection-mark=WAN1_conn passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=output comment="Marking Web Proxy Connection for WAN-2" disabled=no dst-port=80 new-connection-mark=WAN2_conn passthrough=yes per-connection-classifier=\
both-addresses-and-ports:2/1 protocol=tcp
add action=mark-connection chain=prerouting comment="Excluding Port 80 from PCC - WAN1" disabled=no dst-address-type=!local dst-port=!80 in-interface=LAN new-connection-mark=WAN1_conn passthrough=yes \
per-connection-classifier=both-addresses-and-ports:2/0 protocol=tcp
add action=mark-connection chain=prerouting comment="Excluding Port 80 from PCC - WAN2" disabled=no dst-address-type=!local dst-port=!80 in-interface=LAN new-connection-mark=WAN2_conn passthrough=yes \
per-connection-classifier=both-addresses-and-ports:2/1 protocol=tcp
add action=mark-routing chain=prerouting connection-mark=WAN1_conn disabled=no in-interface=LAN new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=prerouting connection-mark=WAN2_conn disabled=no in-interface=LAN new-routing-mark=to_WAN2 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN1_conn disabled=no new-routing-mark=to_WAN1 passthrough=yes
add action=mark-routing chain=output connection-mark=WAN2_conn disabled=no new-routing-mark=to_WAN2 passthrough=yes
add action=accept chain=prerouting disabled=no dst-address=10.0.0.0/8 in-interface=LAN
add action=accept chain=prerouting disabled=no dst-address=192.168.0.0/24 in-interface=LAN

/ip firewall nat
add action=masquerade chain=srcnat comment="Masquerade WAN1 Traffic" disabled=no out-interface=WAN1
add action=masquerade chain=srcnat comment="Masquerade WAN2 Traffic" disabled=no out-interface=WAN2
add action=redirect chain=dstnat comment="Redirect port 80 request to Mikrotik Web Proxy" disabled=no dst-port=80 protocol=tcp to-ports=8080

/ip route
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=10.0.0.1 routing-mark=to_WAN1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.0.1 routing-mark=to_WAN2 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=1 dst-address=0.0.0.0/0 gateway=192.168.0.1 scope=30 target-scope=10
add check-gateway=ping disabled=no distance=2 dst-address=0.0.0.0/0 gateway=10.0.0.1 scope=30 target-scope=10