URL (or IP?) rewrite by ASA for specific originator

rsnd · ‎08-08-2007

Hi,

We have a ecommerce platform in our DMZ that is going to be upgraded to a new software-release within a few days.

What we'd like to accomplish is that on the day of the upgrade, people on our internal network are able to access the websites in our DMZ, but outside customers are redirected to a maintenance-webpage.

We can't change ip-addresses because the DNS-entries for our websites are maintained by our ISP and the testing period will be an hour or two at most.

What I would like to do is that when a customer visits one of our websites and he arrives at the external interface at our ASA, an url or ip rewrite of some sort is performed so that this customer is redirected to a generic webpage that I set up, that states the websites are in maintenance.

Is this possible and if so, how? Or is there any other solution that gives me what I need?

Thanks a lot in advance for your help!

dsweeny · ‎08-16-2007

DNS rewrite performs two functions:

Translates a public address (the routable or mapped address) in a DNS reply to a private address (the real address) when the DNS client is on a private interface.

Translates a private address to a public address when the DNS client is on the public interface.

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00807968d1.shtml