RE: [squid-users] Cisco ASA -> Squid proxy

Hi Nick,

You may try the following. I have used it on Cisco routers to redirect the
traffic to a Squid proxy sitting on the local LAN:

interface Vlan1
 ip address 10.0.12.1 255.255.255.128
 ip policy route-map proxy-redirect

route-map proxy-redirect permit 100
match ip address 111
set ip next-hop 10.0.12.2
! IP 10.0.12.2 is the IP of the Squid box with a single NIC

access-list 111 deny tcp any any neq www
access-list 111 deny tcp host 10.0.12.2 any
access-list 111 permit tcp any any

Dhyanesh

-----Original Message-----
From: Henrik Nordstrom [mailto:henrik@henriknordstrom.net]
Sent: Sunday, April 06, 2008 12:05 PM
To: Nick Duda
Cc: squid-users@squid-cache.org
Subject: Re: [squid-users] Cisco ASA -> Squid proxy

sön 2008-04-06 klockan 04:56 -0400 skrev Nick Duda:
> Does anyone know if the Cisco ASA has the ability to redirect port
> traffic (80/443) to a squid proxy server? I want to setup a
> transparent proxy and would prefer not to do the iptables thing on the
> squid box. I want to keep the gateway of clients going to the cisco
> gear.

No idea, but another easy deploy option is to set up the proxy as a bridge
between the LAN and the gateway.

Regards
Henrik
Received on Sun Apr 06 2008 - 10:18:02 MDT