The Cisco Ironport WSA's specifically use Regular Expressions Flex.
First off, the WSA will only manipulate HTTP. So if the sites in question are indeed in HTTPS, you will need to make sure it gets Decrypted in a Decryption Policy. This can get tricky depending on how you are deployed. I will assume WCCP since that seems to be the most common to me. In a Transparent deployment, the WSA will not know the URL that the client is trying access until it is decrypted. To force a decryption for that specific site(s), you will need to get the Common Name of the SSL Server Certificate. There are many ways to get it, but if you have access to OpenSSL, you can use the following command:
This will complete the SSL handshake and you should see the CN some where in the text message. In your example above, I want to guess that the CN could be *.learning.com. You will need to place learning.com, and .learning.com into a Custom URL Category, and force the traffic to be Decrypted.
How many sites are we referring to? You won't be able to make a RegEx that will catch server32.learning.com/12345, and have the WSA automatically detect 12345, and redirect it to teaching.com/12345. Each one will need to have its own regular expression. So in your example above, this is what I'd do:
In the Access Policies, have the RegEx server32.learning.com/298555, and Redirect it to server32.teaching.com/298555. Depending on how many you need to do, you're going to need 1 single URL category for each. Excessive URL categories are known to cause performance problems.
Are you trying to have 1 single RegEx do the job? If so, the destination (redirected) URL will not have any correlation with the URL being accessed. The WSA does not have the ability to pull information out of the original URL, and append it to a destined redirection. Was this what you are trying to do?
This issue can get quite sticky. I'd recommend you open a TAC case and speak to an engineer regarding your intentions.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :