Cisco WAN :: 2600 - Redirect Web Traffic To External Proxy In Specific Port?

Jan 18, 2010

I want to redirect internal web traffic (browsing) to an external web server for Web, Virus and Spyware filtering. Those externals proxies are running in 8080 port. I have one ASA firewall and a Cisco 2600 router. I was thinking in doing PBR in the router but in the next hop I can only set one IP, not an IP and a port. So how can I redirect web traffic to an external proxy listening in 8080 port?

View 11 Replies


ADVERTISEMENT

Cisco Application :: Apply Policy Only On Specific Subnet / Port 443 Traffic Can Be Redirect And Rest

Feb 16, 2012

I am facing problem with ACE configuration. I want to redirect 443 traffic to my Proxy Server. But I am not able to do this. I want to redirect only subnet 192.168.80.0/24..Then only it is working but I dont have to have this policy to be applied on all the users only one subnet I want to have under HTTPS policy.
 
how can I apply the policy only on specific subnet so that port 443 traffic can be redirect and rest of all subnets can go direclty to Internet.

View 8 Replies View Related

Cisco Wireless :: WLC 5508 - Redirect Traffic To Web Proxy

Mar 1, 2013

We need to create Guest WLAN on WLC 5508 which will be used for internet access only. My questions are:
 
1. Is it possible to use our external web proxy server to authenticate users?

2. Can we also forward all traffic to the external web proxy to filter the websites that can be accessed (without configuring it on the browser)?

3. Can this be achieved using the L3 webauth?
 
Our topology:
 
WLC -- Switch -- ASA Firewall -- Internet -- External Web Proxy
 
We are using WLC as DHCP server for Guest WLAN with ASA Firewall as the gateway.

View 6 Replies View Related

Proxy Server / Host File - Redirect Traffic

Feb 16, 2012

So I have a proxy server in my home that all the computers use to access the internet (XP Pro). I edited the host file on the proxy to redirect traffic for various reasons (ad blocking, etc.) But I have noticed that it doesn't seem to affect the computers that use the proxy. For example one entry in the host file could be 127.0.0.1 abc123.com so that abc123.com would loopback to the localhost. For some reason this isn't working. Is there anyway to get this to work without changing the host file on each individual computer?

View 3 Replies View Related

Cisco Firewall :: ASA5505 - Redirect ASA Traffic To Proxy Server?

May 20, 2011

I have ASA5505 with bese-license. I like to install proxy sever in my network and i want redirect traffic to the proxy server.
 
Below  i added configuration in my firewall.
 
ASA(config)#access-list wccp-servers permit ip host 192.168.6.10 any ASA(config)#access-list wccp-traffic permit ip 192.168.6.0 255.255.255.0 any ASA(config)#wccp web-cache group-list wccp-servers redirect-list wccp-traffic ASA(config)#wccp interface inside web-cache redirect in
 
furher configuration and if this configuration is enough, then how to check whther its working or not in my firewall.

View 1 Replies View Related

Cisco Firewall :: ASA5510 - Redirect HTTP Traffic To Internal Proxy?

Feb 13, 2011

I am using ASA5510 and i want to know if it is possible to redirect http traffic to an internal proxy software. I explain : PC from the LAN use a internal proxy in their IE browser but some other PC doesn't use it.They are directy connected to the Internet using the Public IP from the WAN interface ( via NAT). Can we redirected this HTTP Traffic from the WAN interface to the Proxy in the LAN ?
 
Http Traffic will be routed like that : PC ->  WAN interface -> Proxy -> WAN interface -> Internet In fact,can we create a rule saying : All http traffic which doesn"t come from the IP Proxy must be redirected toward proxy.

View 6 Replies View Related

Cisco 887VAW - Redirect Port 90 To Another IP Address External To Our Own?

Oct 28, 2012

Our company uses a commercial copier monitoring package called FMAudit to obtain meter readings from our clients' copiers, and it uses a feed to send the readings back to us. We have used port 90 for this purpose.Due to a recent server crash and emergency reconfiguration of our network, we have moved our FMAudit central server from in-house to a hosted service, with of course a different external IP address.

Without interfering with our other systems, is there a way to redirect JUST PORT 90 to another IP address external to our own? I don't care if it has to happen at the router or server level. We are using Server 2003 and a Cisco 887VAW.

View 2 Replies View Related

Cisco WAN :: 800 Series / Open Port To Specific External Ip

Feb 6, 2012

I have a Cisco 800 series ?I need to allow access to our local server from a specific range of  external ip addresses.I can open port for all external ip using this command:

ip nat inside source static tcp <localserverip> <port> interface <interface> <port
 
But this is not secure as is..Do I then restrict and permit access using access-list? Or is there another way altogether?

View 3 Replies View Related

D-Link DIR-655 :: Routing All HTTP / Port 80 Traffic To Proxy Server?

Jul 18, 2011

I have a setup like this.

Foreach computer I need to go and configure the browser proxy settings and some people are getting smart and turn it to automatic configuration again.

So what i want to achieve is to have my DIR-655 to route all the HTTP/port 80 traffic to the proxy server.
That way it is transparent and then it is not needed to configure each computers browser settings.

I am pretty new to this and the router configurations.

The proxy server works fine if i configure the browser manually.

View 6 Replies View Related

Cisco Routers :: RV042 - How To Direct Traffic Through Specific Wan Port

Aug 1, 2012

I have an RV042. I understand and have created the services I need. The documentation is just not clear on how to direct traffic for these services to a specific wan port.
 
Can this even be done with this router? If so, the how? Use rate control or priority? Does checking a wan port mean that it will only go through that port?

View 4 Replies View Related

How Does Firewall Block Or Filter Traffic On Specific Port Or IP Address

Nov 15, 2011

How does a firewall block or filter traffic on a specific port or IP address?

View 1 Replies View Related

Cisco Switching/Routing :: 1433 - Span Port Configuration To Listen To Specific Traffic Only?

Nov 2, 2011

Is it possible to configure the span(switch port analyzer) port and restrict it to only listen to ingress and egress of TCP/1433 from the source port?

View 2 Replies View Related

Linksys Cable / DSL :: WAG320N Restrict External Port Traffic

Jul 9, 2011

I have recently purchased a Linksys WAG320N (firmware V1.00.12) to replace my old ZyXEL P-660H-D1.I've managed to set it up roughly the same in terms of the ports I want open and port forwarding, with one exception: I can enable a port to be forwarded to an IP address on my network, but I can't find anywhere to set it so that the port is only allowed from a specific IP address outside of the network, e.g.
 
Accept port [some number] from [some Internet address] into 192.168.1.2 but reject attempts from others.I thought it might be in Access Restrictions but that only covers internal IP addresses.

View 1 Replies View Related

Cisco Firewall :: ASA5505 Can't Port Forward Traffic From Two External IP Addresses

Dec 30, 2012

I am a total Cisco novice who has just had a ASA5505 installed to replace a linux freeware firewall (smoothwall).I'm told that the 5505 can't port forward traffic (e.g. ssh) from two external IP addresses to two internal destination machines via the same port # (22 in this example).

View 9 Replies View Related

Cisco Switching/Routing :: SRP547w - Allow Traffic On Port 25 From External IP Filter?

Nov 16, 2011

Can the SRP547W be configured to allow traffic on port 25 from an external ip range to an internal address?

View 0 Replies View Related

Cisco :: LMS 4.1 Redirect Syslog To External Server

May 16, 2012

I would like to know whether LMS 4.1 (local server mode) has the ability to relay syslog messages received from devices to an external syslog server?  If so, how do I configure such?
 
From reading the document and going through the LMS 4.1 GUI, it appears that it could receive and forward messages but only between LMS system (ie. multi server mode) as SSL is required.

View 1 Replies View Related

Cisco :: 2504 Web-Auth Passthrough With External Redirect

Feb 6, 2012

I have a cisco 2504 running 7.0.220.0. I am trying to configure Web Auth for External Redirect, Passthrough. I have a page created on an external web server that was taken from the Web Auth Bundle and modified. It is a simple "accept" or "reject" on a Terms and Conditions page. I have a Pre-Auth ACL configured to only allow communication to the server the T&C page resides on.
 
When I connect to the SSID, the page redirects to the external URL and the the URL shows up in the browser window with all the variable data as a GET on the URL line, but the page never loads. It just hangs. I can copy the the URL data, paste that in once I am on-net, and the page loads just fine.
 
So, something is happening when the WLC is attempting to proxy-redirect the page back to the client.

View 7 Replies View Related

Cisco WAN :: 2600 - External To Internal IP NAT?

Jun 10, 2013

I have a 2600 I am trying to setup for educational use. 
 
My Cable ISP has issued me 5 routable IP's through their SMC modem 86.28.12.226-229.  The SMC modem is .225.  Currently the internal network can get out through .229 as expected but nothing outside (tcp 80 to web server) can get through.  When I assigned the ip's to e0/1 as secondarr I could get it to route from the inside network (so hitting .226 80 went to the correct place) but it still didn't work from the outside - plus I read that wasn't a great way to do it anyway.

!
interface FastEthernet0/0
description LAN Interface

[Code].....

View 2 Replies View Related

Setup Application Specific Proxy?

Jan 28, 2011

I'm trying to setup a Application specific proxy. I have tried everything that I could find via Google search and nothing seems to work. All the proxy servers I have found seem to be centered around web browsers such as IE, and firefox.

View 2 Replies View Related

Cisco Routers :: RV082 - Route Specific Ip Address To Specific WAN Port

Oct 25, 2011

I use a router RV082 with load balancing. My problem is when I try to access a specific site, I get the error message that my IP address changes and I can not use 2 ip address. I want to specify an ip range to always use the same WAN port.

View 2 Replies View Related

Routers / Switches :: Rate Limit On Specific Port From Specific Range?

Jul 1, 2012

Is it possible to enable an absolute value rate limit using QOS on a HP ProCurve 5406 switch for a particular IP range on a specific port? Is there a way to configure our HP 5406 with an absolute rate limit on "WAN" port for that server's IP range? I would like to limit it to only being capable of sending 1Mbps worth of traffic over the head end at once.Everything in the documentation points towards priority queues, which as far as I can tell, isn't really what I want.Baring accomplishing this goal using rate limiting is there a better way to prevent our services from accidentally saturating this connection?i thimkong about somthing like that:

class ipv4 rate-limit-port-A1
match ip 10.136.0.0/16 any
exit
policy qos port-a1-ratelimit
class servers-to-be-slowed action rate-limit kbps 1000
exit
interface A1 service-policy port-a1-ratelimit inI'm not sure about this.

View 4 Replies View Related

Cisco Switching/Routing :: 5520 To Redirect An External Address To An Inside Server

Mar 21, 2012

I am desperate to make some kind of translation which convert an outside IP Address of our web server to its inside ip address so that requests can be routed internally to the server.
 
This is what we have:  A wireless network with an SSID to serve visitors.  We also have an in-house web server which can be accessed internally and externally.  We have a ASA 5520 that protects the internal network, including the Web server, and also routes all traffic from the all visitors connected to the public SSID to the outside.  The DHCP server for the wireless network for visitors is configured to give the 8.8.8.8 as dns server.  The problem with that is that the www.ourwebserver.com is resolved by Google's dns server to the public IP Address of our web server!  The traffic then is sent to the outside interface of the ASA 5520.  The visitor who wants to access our web server cannot connect!
 
How can I configure the ASA to route that traffic to our web server with the public ip address to the inside ip address of the web server?

View 2 Replies View Related

Cisco Wireless :: 1600 / 2600 With Single External Antenna?

Jun 5, 2013

I have an unusual request to support an access point with a single external antenna to cover a small physical area (elevator car!!). All Cisco's currently shipping APs have dual band antennas using MIMO for throughput in "normal" deployments. Will a deployment with a single antenna work?

View 2 Replies View Related

Cisco :: Finding ISE 1.1.1 External RADIUS Proxy?

Aug 12, 2012

I am looking to port legacy ACS 4.2 "proxy distribution tables" to ISE 1.1.1 and I am currently a little at a loss where to start.   I know I have to add the External RADIUS Server, Configure a RADIUS Server Sequence that will skip local authentications then send to the External RADIUS server.  How do I match this authentication and how do I match it to an authorization rule?   Is this the Network Access:Use Case equals proxy? 

View 5 Replies View Related

Cisco AAA/Identity/Nac :: ACS 5.3 - External Proxy Service User Logs?

Apr 11, 2012

We are currently using Cisco ACS 5.3.0.40.2. One of the Services Selection Policy it hosts is:
 
Receive Authentication request from a wireless controller for a wireless userIf the wireless user's username contains a particular domain suffix, the request is proxied to an external proxy server using an External Proxy service (configured for both local/remote accounting)On receiving an Acccess-Accept from the external proxy, the user is given access and ACS 5 will start logging account packets for the username (nothing appears in the RADIUS authentication logs - ACS 5 it seems doesn't log proxied authentication requests) The above setup works fine in most instances. We start to have problems when an external proxy server strips the domain suffix off the username in the Access-Accept packet e.g.
 
ACS 5 proxies an Access-Request to an external proxy server (with Username = someuser@somwhere.com)The external proxy replies with an Access-Accept (with Username = someuser)The user 'someuser' is given access but subsequent accounting attempts fail because their username (without the domain suffix) doesn't match the Service Selection PolicyIs there any way to get ACS 5.3 to log proxied authentication requests? If not, can I configure ACS 5.3 to use the username in the Access-Request packet (rather than the username in the Access-Accept packet) for accounting?

View 2 Replies View Related

D-Link DIR-655 :: How To Forward Requests To External Http-Proxy

Nov 23, 2011

Goal: To forward requests over port 80 from my LAN to an external server on a specific port, that is I would like to forward all requests over http to an external proxy.

I know that this can be done with IP-Tables, but I would like to do the same thing with my D-Link. I have looked at Advanced --> Routing, but that seems to be specifically for inbound requests. I want to do this for outbound requests. This can be achieved with the D-Link DIR-655?

View 13 Replies View Related

Cisco Routers :: Redirect Web Traffic On SRP527W

Mar 16, 2012

Is it possible to redirect all web traffic to a Symantec web filtering address on a particular listening port. I had a look at the Srp527w Router and can't find where this could be done.

View 1 Replies View Related

Cisco WAN :: 4507 Redirect Web Traffic Via Policy

Jul 12, 2011

We have W2K3 domain with Catalyst 4507 routers.Client (laptop, tablet etc) needs to redirect web traffic (port 80) to a proxy server that listens on port 8080.
 
Before you ask, this cannot be done using a PAC file distributed via Group Policy or the like because these devices are not controlled by us. These devices are client owned and could be non-Microsoft OS and/or non-IE browser. The theory is to have a WiFi network where clients can bring whatever they like - iPad, Android, Windows, whatever it may be but we do not control them and therefore cannot send a PAC file to it. In the case on Android it does not have a proxy setting even if we could force something.
 
I've looked at Policy Based Routing which appears to do half the job. I can route a web request that is on port 80 to a new location ie our proxy server. But the problem is that it arrives on the same port 80 when the proxy server only listens on port 8080.

View 10 Replies View Related

Cisco Firewall :: Redirect HTTP / Ftp Traffic (ASA 5510)

Apr 25, 2011

i have the following scenario :
  
ISP1-------ASA 5510----------ISP2
                    |
                    |
                    |
                  LAN
 
i would like to use ISP2 for all http/https/ftp traffic.how could I force my ASA to set a different gateway for http/https/ftp traffic ?i have tried several solutions such as nat/pat rules, nothing seems to work.

View 7 Replies View Related

Cisco WAN :: IP Spoofing And Redirect Inbound Traffic C3750

Oct 9, 2012

We want design a topology based on transparent proxies using WCCP. Our proxies can do spoofing of user ip addresses. So, the HTTP request will go out our network with the user ip address as source ip. The HTTP Response will arrive with destination address the user ip address. We want use WCCP to redirect inbound and outbound traffic because we have c3750 with L2 WCCP support. The outbound redirection, when the packet is going out our network is simple. But, the problem is the inbound redirection. How we redirect this packets to proxies by WCCP?. Is it possible?. This redirection is done by c3750 using TCAMs/hardware?. Our throughput could grow until 2-3Gbps and we are worried about the performance.

View 1 Replies View Related

Cisco Switching/Routing :: Can 7600 Redirect Layer 4 Traffic

Dec 6, 2012

i want to to ask about redirecting in MLS 7600 .assume the user a has an ip x.x.x.xand that user requested url...i want to to redirect his request to url...the users that have to pay the monthly bills , i want to give thim an ips  and redirect all the http requests from this to a special local webpage .is is applicable to to it on router cisco 7600 ??or is it applicable on router 7206 npeg2 ? also i have siwtch 2960g.i dont want to do it by proxy server.

View 4 Replies View Related

Cisco Routers :: How To Redirect Internet Traffic From RV082 To RV042 Through A VPN

Feb 24, 2013

We have offices in USA and Venezuela.In our USA office we have a RV042 router and in Venezuela we have a RV082 router.We have connected a VPN tunnel (gateway-to-gateway) between both offices.
 
The point is:How   could we redirect the internet traffic from our Venezuela office   (RV082) to the USA Office (RV042) to navigate using USA public IP's?
 
The   reason for this is that we need to use online streaming services which   are only available for IP's from USA and we can't use them from the   Venezuelan IP's.
 
We  can not use the PPTP option since the  equipment which will use the  streaming services (like hulu, crackle,  etc.) in Venezuela is a Google  TV device which doesn't allow the  configuration of proxy navegation or  PPTP VPN connections itself. That's  the reason why we need to do that  through the routers.

View 1 Replies View Related

Cisco Switching/Routing :: 3560 Redirect Internet Traffic

Nov 24, 2011

At one of my field offices I want to redirect internet traffic down a separate DSL connection instead of having it ride the T1 back to the main office then going out.  At this office I have a 2600 router, 3560 switch, with a Fortigate firewall in between DSL connection and LAN, Fa0/0 on router and firewall are both plugged in to switch.  I have seen posts that mention PBR or static routes which is the reccomended method for dealing with this? 

View 6 Replies View Related







Copyrights 2005-15 www.BigResource.com, All rights reserved