We use an 1801 to do IPsec connections back to our corp location. At our corp location, we have a web proxy (SQUID) server running on port 9200.
We would like to force port 80, 443 (and any other ports specified in an ACL) traffic from the LAN side of the 1801 to the Proxy server on port 9200.
The LAN network behind the 1801 is 10.10.10.0/24. The Proxy server is 172.17.16.23. We would like all traffic specified in the ACL to be forwarded to the proxy server on port 9200.
Mind you, the 172 address is over the internet, over an IPsec tunnel.
I was able to set up a route-map which appears to capture the traffic, but it does not seem to use the next-hop, and I am baffled as to how to port forward it.
Notes: The LAN "data" traverses vlan 80. The f0 port is the aggregate port that connects to a cable modem. The 10.10.10.0/24 addresses are all on vlan 80.
access-list 111 permit tcp any any eq 80
access-list 111 permit tcp any any eq 443
!
route-map proxy-rm permit 11
 match ip address 111
 set ip next-hop 172.17.16.23
!
interface vlan 80
 ip policy route-map proxy-rm
Suggestions or thoughts?
Thanks in advance for your time.