Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1372
Views
0
Helpful
2
Replies

Redirect Traffic to proxy server

bob mail
Level 1
Level 1

‎05-25-2016 12:42 AM - edited ‎03-10-2019 01:08 PM

Hi .

I have 3 VLAN on my network .

192.168.20.0/24  gw=192.168.20.1

192.168.22.0/24  gw=192.168.22.1

192.168.24.0.24  gw.192.168.24.1

 inter vlan routing  is enabled and access list create some custom access list for communicating between hosts  .now i have setup a  proxy server  and I want to route http and https traffic to proxy server .my proxy server is located in VLAN 20 and it's local  ip address is 192.168.20.55

I create new PBR to route http and https traffic to proxy server but it does'nt work .

access-list 101 permit tcp 192.168.20.0 0.0.0.255 any eq www
access-list 101 permit tcp 192.168.22.0 0.0.0.255 any eq www

access-list 101 permit tcp 192.168.24.0 0.0.0.255 any eq www


access-list 101 permit tcp 192.168.20.0 0.0.0.255 any eq 443
access-list 101 permit tcp 192.168.22.0 0.0.0.255 any eq 443

access-list 101 permit tcp 192.168.24.0 0.0.0.255 any eq 443

route-map ForwardWeb permit 10
 match ip address 101
 set ip next-hop 192.168.20.55

and set ip policy route-map on vlan 20,22,24 but nothing happen .

if client set proxy address on their browser they can surf the net but i want to use transparent proxy without set IP and port on their browser .

my proxy server wont support wwcp .

Is it possible to route www and https traffic to internal proxy server with my scenario ?  

                                                                                 Internet

                                                                                 |

                                                                               Proxy Server (192.168.20.55)

vlan20(192.168.20.0/24)-----------------|                   |

                                                           |                   |

vlan22(192.168.22.0/24)---------------- |  CoreSwitch (3750)

                                                           |

vlan24(192.168.24.0/24)---------------- |

thanks in advance

Labels:
0 Helpful
2 Replies 2

paul driver
VIP
VIP

‎05-25-2016 05:05 AM

Hello

What make/Model is the L3 switch -?

It possible that you may be running a incompatible ios for PBR or the incorrect SDM template
(3560,3750.3850 etc..)

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

bob mail
Level 1
Level 1
In response to paul driver

‎05-25-2016 07:13 AM

Thanks paul driver

I have 4 stack switches as core switch .

models and switch versions and images . 

------ ----- -----              ----------            ----------
*    1 12    WS-C3750G-12S      12.2(55)SE8           C3750-IPSERVICESK9-M
     2 12    WS-C3750G-12S      12.2(55)SE8           C3750-IPSERVICESK9-M
     3 12    WS-C3750G-12S-D    12.2(55)SE8           C3750-IPSERVICESK9-M
     4 12    WS-C3750G-12S      12.2(55)SE8           C3750-IPSERVICESK9-M

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card