topic Re: Redirecting Outbound Web traffic to internal web server in Network Security

Redirecting Outbound Web traffic to internal web server

relder — Mon, 11 Mar 2019 09:52:37 GMT

I want to redirect all inside to outside http requests (except the proxy server) to be sent to a internal web server which will state that the proxy is not setup and to contact IS. We have a PIX 525 firewall which I would like to put the redirection on.

Any suggestions? Thanks!

Re: Redirecting Outbound Web traffic to internal web server

hoogen_82 — Wed, 28 Mar 2007 06:23:08 GMT

I think you are trying to get all your users to talk to the proxy server for http or https access. What you need to do is a simple access lists on your inside interface.

Sample could be like this

access-list inside1_outside extended permit tcp host any eq www

access-list inside1_outside extended permit tcp host any eq https

access-list inside1_outside extended permit udp any any eq domain

access-list inside1_outside extended permit icmp any any

access-list inside1_outside extended permit tcp any any eq domain

Your opening up http and https traffic to be allowed only from your proxy server. For dns you could be more specific with your access-list.

After this all the users will be denied access to the web unless they choose to redirect their traffic to the proxy server.

On the users web browser (IE) go to tools --> Internet Options --> Connections --> Lan setting --> Set up the proxy server configuration.

HTH

Hoogen

Do rate if this helps 😉

Re: Redirecting Outbound Web traffic to internal web server

David White — Wed, 28 Mar 2007 22:47:51 GMT

The PIX does not have a way of redirecting the outbound traffic to the server you choose.

As Hoogen indicated, you can write ACLs to block the traffic, but there isn't a way to redirect the users to a web server where they can read the corporate policy of using the proxy-server.

David.