SSH

Mikrotik. Access to WebProxy and SSH from the outside, traffic routing through a 3G modem?

Good day dear experts. I can't figure out how to solve the following problem. Please help.
Given:
1. An ADSL router with a static white IP address that distributes the Internet to the local network via cable.
- IP address of the router: 192.168.1.1;
- DHCP works (192.168.1.2-192.168.1.100).
2. Mikrotik (RouterOS 6.39) is connected to the ADSL router.
- The cable from the adsl router is connected to the 2nd port (ether2).
- Mikrotik's IP address is assigned via DHCP (192.168.1.9) and has a MAC binding in the adsl router.
3. A 3G modem is connected to Mikrotik and works on the ppp-out1 interface.
When resetting Mikrotik, the standard settings were not applied, I set it up from scratch. Actually, from the settings, only the following was carried out:
- In the ppp-out1 settings, "Add default route" is specified with Distance 1;
- The DHCP Client is specified not to be used as the default gateway;
- Enabled WebProxy (Source Port ::, Port: 8080) and SSH (port 22).
- For WebProxy and SSH, Port Forwarding is configured in the ADSL router and the IP address of the Mikrotik (192.168.1.9) is specified as the Destination.
- When raising the Internet on a 3G modem, the ppp-out1 interface is assigned the IP address 10.xxx (always different).
As a result, I am trying to ensure that Mikrotik can connect to WebProxy and SSH from the outside via the static IP of the ADSL router, while using WebProxy, the traffic went through a 3G modem. That is, by specifying in the browser settings, for example, static_ip: 8080, the IP address checking sites identified me as if I were using the mobile Internet.
But it turns out that the local machines can safely log in via SSH to Mikrotik and WebProxy, but there is no access from the outside.
Unfortunately I still poorly understand networks. I rummaged through everything on the Internet on this issue, stumbled upon the concepts of mangle, marking packages. Through various tests with the marking of packages, I achieved that I got access from the outside, but the connection periodically falls off.
That is:
- Connecting from the local network via Winbox to Mikrotik, the connection is lost every 3-4 seconds.
- Connection via SSH from the outside is stable, but WebProxy works somehow "crookedly" (it takes a long time to open and part of the page does not load).
It starts when I turn on the marking rules and add the route: dst: 0.0.0.0/0 gateway: ether2. As soon as I turn it off, access from the outside disappears, and from the local area it works stably.
Tell me, please help me, what am I doing wrong, what should I pay attention to?