Re: [squid-users] routing OR different IP address

From: Edward <edward@dont-contact.us>
Date: Sun, 6 May 2001 18:35:38 -0400

It is working.

I will talk to you tomorrow.

HA hA Ha hah haHah
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

----- Original Message -----
From: "Henrik Nordstrom" <hno@hem.passagen.se>
To: "Edward" <edward@cariaccess.com>
Cc: "squid" <squid-users@squid-cache.org>
Sent: Sunday, May 06, 2001 3:51 PM
Subject: Re: [squid-users] routing OR different IP address

> Edward wrote:
>
> > I have the a policy route to the cache on one ip address.
> >
> > eg
> > access-list 110 deny tcp any any neq www
> > access-list 110 deny tcp host 200.50.68.7 any
> [...]
> > The other IP is 64.110.11.2.
> >
> > As you can see here, the ciso is only sending to the 200.50.68.7.
> >
> > What I believe here, after sending you that email, 64.110.11.2 is not
> > getting pass the router faste0/0 interface.
>
> Correct. Your Cisco does not know that 64.110.11.2 should not be
> redirected to 200.50.68.7.
>
> I seem to remember that your clients is actually on different subnets
> than your servers. In such case it is probably better to reverse the
> router ACL to tell what should be redirected rather than what should
> not. I.e. only redirect your client networks to the proxy.
>
> > If that is the case then I will have to add
> >
> > access-list 110 deny tcp host 64.110.11.2 any
> >
> > to the access-list.
> >
> > What do you think Henrik?
>
> Not a Cisco expert, but it looks like a step in the correct direction.
>
> --
> Henrik Nordstrom
> Squid Hacker
>
Received on Sun May 06 2001 - 16:35:54 MDT

This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:59:50 MST