It follows the topology of the network in the annex, I will try to explain what we're trying to accomplish
previously we had this same network topology that with the change to have a Cisco ASA instead of the Server Linux
I want is a transparent proxy
ie the Cisco ASA in the network interface has 192.168.100.0/24 (outside) and a network interface in 10.254.254.0/24 (inside) and the network 10.253.253.0/24 (dmz-proxy), in normal navigation of a station with ip address 10.254.254.50/24 the packet of data leaves destined for example to the Website packets google that is going to address the target www.google.com.br or 22.214.171.124. In ASA he has the following table of routes.
10.254.254.0/14 directly connected via inside
10.253.253.0/14 directly connected via dmz-proxy
192.168.100.0/24 directly connected via outside
Default route via 192.168.100.2
with this configuration should leave the packet with the destination MAC address of 192.168.100.2, and the destination IP address 126.96.36.199 and address of origin as 10.254.254.50/25 that there is not nat correct?
want is for the ASA INTERCEPT this connection leaving before routing ie before being routed by default route and change the header of the packet by changing the destination address or the destination mac address for the IP address that is the server 10.253.253.2, the server proxy, it receives and verifies the packet in its cache if the requested page is stored. if the page you requested exists in the cache proxy server sends the page to the client with an IP address 10.254.254.50 otherwise makes a request to the address 188.8.131.52 requesting the website and storing in its cache and sending the user to the page.
I am at the disposal for further clarifications.