Cisco 1841 Routing

Unanswered Question
Oct 12th, 2009

Hi Guys,

I need help on routing settings of our Cisco 1841 router.

Out network IP Address is then we have a proxy server with an IP Address of, our router IP Address is and the WAN IP of our router is in our router config these are the settings:

ip route

ip route

The statement means any request not intended to will be routed to the proxy server like internet access.

What I want is to change this settings, how can I route any internet request to the proxy server without using the statement?

Hope you can help me guys.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.3 (3 ratings)
nsn-amagruder Mon, 10/12/2009 - 18:32

The most common ways are to configure the browser with the ip address of the proxy server or use a pac file The other is to configure WCCP V2 on the router and proxy server. Do you know if your proxy server supports WCCP and if not what type of proxy is it?

The 3rd way is through Policy Based Routing, but would complicate your configuration.


NonStop Networks, LLC

helios999 Mon, 10/12/2009 - 19:42

Hi Aaron,

We are using linux proxy server with squid.

Our user's browser are set to use the proxy server ip address so any http request can pass to the proxy server. My problem is other request like smtp, https and others they need to pass to the proxy server.

Can you give further advice?



Richard Burts Tue, 10/13/2009 - 04:19


Probably the other alternative is to configure Policy Based Routing. With PBR you configure a route map which will identify traffic to be routed different from what is in the routing table. So you could identify smtp, https, etc and forward them to the proxy server. But this is much more complex than just using the route. Why do you want to avoid using the route?



helios999 Tue, 10/13/2009 - 18:10

Hi Rick,

Thanks for the reply. I can really make use of PBR in our network. The reason I don't want to use the route is simply because I want to control any request going to my proxy server. I think there is something in my network that eat lots of internet bandwidth so I want to control and manage any internet request.

Can you give me examples on PBR or any links that discusses it?



Richard Burts Wed, 10/14/2009 - 08:26


PBR is configured using a route map and is configured on the interface where the traffic arrives. So assuming that Fast0/1 is the interface where your user traffic is comging from a config might look something like this:

interface fasst0/1

ip policy route-map inet_traffic


route-map inet_traffic permit 10

match ip address 101

set next-hop


access-list 101 permit ip

You would need to figure what access list details would accurately describe the Internet traffic that you want to send through the proxy server.



nsn-amagruder Tue, 10/13/2009 - 04:37

Squid and Linux support WCCP for http redirection.

SMTP by default is a proxy protocol. Just configure your internal mail server to forward to it and external mx record to the Static NAT setup on the 1841. Sendmail or another program will need to be configured on it to forward to your internal mail server.

Most other request, you won't want going to the proxy. Most IM clients have proxy settings. Not sure what other apps in your organization require internet access. Just allow them to the internet directly. The other option is to set up the linux box to proxy those request. i.e. Linux has port forwarding cababilities, ssh/telnet proxies, etc.

Keep in mind the more you add and rely onn the one linux box, the more issues you will have if it fails.

helios999 Tue, 10/13/2009 - 18:57

Hi amagruder,

I have setup my proxy server for port forwarding already. But aside from that I also want to control and manage my network as to what protocols and ports they will access to the internet via our Cisco router.

Im not comfortable with the routing.

Thanks for the reply.

nsn-amagruder Tue, 10/13/2009 - 19:00

Use ACL's on the router. This will allow only the protocols, ports, ip combinations you want. If you have the SEC image, you can use CBAC for protocol inspection.


This Discussion