Use MikroTik as Transparent Web Proxy Server for Multiple Web Servers

You have single public IP address and 2 internal web servers hidden behind public IP address:

  • –
  • –

And you would like to forward traffic to each of the web server at the WAN side. RouterOS and his Web Proxy package allows this for HTTP traffic (not HTTPS).

Here are steps how to proceed (tested on 6.37.X):

You need to enable Web Proxy:

/ip proxy
set enabled=yes src-address=

Then define which web addresses and ports to permit on proxy side (note last action deny – this will secure our Proxy Server as Private and not to be Open):

/ip proxy access
add dst-port=80
add dst-port=80
add action=deny

Note: If you want to define single dst-host for multiple records like and * use this: add dst-host=* dst-port=80

After define static DNS record for Mikrotik Proxy to know where to forward request (or you can use advanced regex record also for subdomains):

/ip dns static
add address=
add address=

Last step will be enable of NAT on from WAN>MikroTik Proxy Web Server:

/ip firewall nat
add action=redirect chain=dstnat dst-address= dst-port=80 protocol=tcp \

Final workflow would be like this:

Internet user visit -> -> ->
Internet user visit -> -> ->

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.