Cisco ASA 5500

achyut.chalise · ‎10-16-2015

Hi,

I have a ASA 5500 running 9.X image. My Squid proxy is in same network. I would like to redirect my all web traffic (http and https) to Squid box. No idea how do I proceed with best practice ? please help. Thank you.

ASA inside and Squid running in same network.

1. ASA : 172.16.1.1

2. Squid Proxy: 172.16.1.254

rvarelac · ‎10-16-2015

Hi achyut.chalise,

If your ASA is running code 9.4 or higher you can create a PBR to achieve this goal , alternative if this server supports WCCP , you can configure WCCP on the ASA to redirect the traffic.

PBR ASA

http://www.cisco.com/c/en/us/td/docs/security/asa/asa94/configuration/general/asa-general-cli/route-policy-based.html

WCCP

http://www.cisco.com/c/en/us/support/docs/security/adaptive-security-appliance-asa-software/116046-config-wccp-asa-00.html

https://supportforums.cisco.com/document/48341/asa-wccp-step-step-configuration

Hope it helps

-Randy-

Ganesh Hariharan · ‎10-19-2015

Hi,

I have a ASA 5500 running 9.X image. My Squid proxy is in same network. I would like to redirect my all web traffic (http and https) to Squid box. No idea how do I proceed with best practice ? please help. Thank you.

ASA inside and Squid running in same network.

1. ASA : 172.16.1.1

2. Squid Proxy: 172.16.1.254

Hi,

As told, WCCP is the method to do your task.

Check out the below link on step by step approach to redirect traffic using WCCP to websence.

http://www.websense.com/support/article/kbarticle/WCCP-Sample-Configuration-for-Cisco-Firewalls

Hope it Helps..

-GI

Rate if it Helps..