Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Is it possible to redirect a particular traffic to an IP?

Hi guys,

I will PIX gurus to tell me if it is possible to have a particular traffic from my inside network going to a particular port (maybe http) redirected to a particular IP and port.

e.g

inside to outside (destination any IP port 80 redirect to destination y.y.y.y port 8080)

y.y.y.y will be a particular IP.

thanks guys

  • VPN
5 REPLIES
New Member

Re: Is it possible to redirect a particular traffic to an IP?

Hi Akin,

Do you need to browse with http://y.y.y.y:8080 to access your outside server?

access-list inside permit tcp any host y.y.y.y eq 8080

access-group inside in interface inside

Is this what you want to do?

If you have version 7.x you may give a try to this command. (I've personnaly never done this but does someone can say if I'm right)

static (outside,inside) y.y.y.y 80 y.y.y.y 8080 netmask 255.255.255.255

Mike

Silver

Re: Is it possible to redirect a particular traffic to an IP?

You can change the source IP and port but I do not think there is a way to change the destination. You can use the static commands to map an outside ip and port to and internal ip and port.

http://www.cisco.com/en/US/products/sw/secursw/ps2120/products_configuration_guide_chapter09186a008017278e.html#wp1090663

To do want your looking to do you'll have to find some other hardware/software. There are a number of options depending on what you are trying to do.

New Member

Re: Is it possible to redirect a particular traffic to an IP?

Thanks guys,

Actually what i am trying to do is to intercept all port 80 traffic from inside to the internet (regardless of the destination) and redirect it to a particular IP and port (e.g y.y.y.y port 8080) something like a proxy and spyware filtering engine. and it doesn't support wccp. (i would have used that)

any ideas?

Silver

Re: Is it possible to redirect a particular traffic to an IP?

Why not just use the proxy settings in the web brower.

Silver

Re: Is it possible to redirect a particular traffic to an IP?

You may be able to use the alias command to change the destination address to your proxy server. However, I don't think you can change the port. If your doing external DNS lookups the alias command can be used to change the response. It can also change the destination address as it passes through the pix.

http://www.cisco.com/en/US/customer/products/hw/vpndevc/ps2030/products_tech_note09186a0080094aee.shtml

140
Views
0
Helpful
5
Replies
This widget could not be displayed.