As per the attached diagram,
I have two ISPs and two core switches with 10 VLANs, and the two core switches are interconnected with cascading. In one VLAN I put the Bluecoat, and we are using a proxy.
I need to block all Internet traffic that does not use the proxy. I mean any Internet traffic should be forwarded to the Bluecoat. For this I used a route map.
ip address 192.168.1.3 255.255.255.0 secondary
ip access-group 110 in
ip nat inside
ip policy route-map LOCAL_ACCESS
ip access-list extended NO_PROXY
 permit tcp any any eq www
 permit tcp any any eq 443
route-map LOCAL_ACCESS permit 10
 match ip address NO_PROXY
 set ip next-hop 192.168.2.8
But it's not working.
Can anyone help with this scenario?
Do you have IRB between VLANs here? If so, make sure the BVI is the gateway for those VLANs, and make sure the Bluecoat has its default GW set to the SVI interface of the 192.168.2.x subnet.
There are two ways to redirect traffic to the proxy, either by PBR or WCCP.
Perhaps if you elaborate more, we can provide a better response.
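
A PBR arrangement of the kind discussed in this thread, paired with a filter that enforces "web traffic only via the proxy", as an added example that is not part of either post. It assumes 192.168.2.8 is the Bluecoat and 192.168.1.0/24 is a client subnet; the interface names Vlan10 and GigabitEthernet0/0 and the ACL names WEB_TO_PROXY and EDGE_WEB_OUT are hypothetical.

```cisco
! Added example, not the poster's configuration.
! Assumptions: 192.168.2.8 = Bluecoat, 192.168.1.0/24 = clients,
! Vlan10 = client SVI, GigabitEthernet0/0 = NAT inside interface (both hypothetical).
!
! 1) Redirect: match only client-sourced web traffic, so requests the
!    proxy itself sends to the Internet are never policy-routed back to it.
ip access-list extended WEB_TO_PROXY
 remark client HTTP/HTTPS that must be steered to the proxy
 permit tcp 192.168.1.0 0.0.0.255 any eq www
 permit tcp 192.168.1.0 0.0.0.255 any eq 443
!
route-map LOCAL_ACCESS permit 10
 match ip address WEB_TO_PROXY
 set ip next-hop 192.168.2.8
!
! PBR is evaluated on the interface where client packets arrive.
interface Vlan10
 ip policy route-map LOCAL_ACCESS
!
! 2) Enforce: toward the Internet, only the proxy may open web sessions.
!    Denied attempts are logged so bypass attempts become visible.
ip access-list extended EDGE_WEB_OUT
 permit tcp host 192.168.2.8 any eq www
 permit tcp host 192.168.2.8 any eq 443
 deny   tcp any any eq www log
 deny   tcp any any eq 443 log
 permit ip any any
!
interface GigabitEthernet0/0
 ip access-group EDGE_WEB_OUT in
!
! Checks from exec mode:
!   show ip policy                    (interfaces with a route-map attached)
!   show route-map LOCAL_ACCESS       (policy-routing match counters)
!   show ip access-lists EDGE_WEB_OUT (hits on the deny/log entries)
```

The redirect only steers traffic; the deny entries in the second ACL are what stop a client from reaching the web if the policy is missing on some VLAN.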