www transparent proxy ?

Discussion in 'Cisco' started by Casto, Dec 13, 2003.

  1. Casto

    Casto Guest

    (excuse my english, i'm not english or american)

    i want to install a www transparent proxy in my dmz.
    i have a 1700 series cisco with 3 ethernet int

    my lan network : ( address of the
    my dmz network : ( address of the router,
    address of my www proxy
    outside network : ( address of the

    LAN ----------------ROUTER------------------OUTSIDE
    _____ |______
    DMZ (proxy)

    i install a sniffer in the DMZ and
    when i try to connect to an ouside web server, --->
    i have in the dmz a paquet with
    source : destination : port : 80 (www.mytestdomain.com)
    (with destination mac address of my proxy, like a "routed" paquet)
    and i would like to have
    source : destination : port : 80

    is it normal ?
    is it possible to change the destination address ?
    a squid server can resolve this request with my paquet? (i don't install my
    proxy at the moment)

    can you help me, i try different configuration, but i didn't manage to work
    my transparent proxy with the proxy address in destination paquet

    i use use found on the web

    interface Ethernet0
    ip address
    ip policy route-map proxy-redir
    interface Fastethernet 0
    ip address
    interface Ethernet1
    ip address
    access-list 110 deny tcp host any eq www
    access-list 110 permit tcp any any eq www
    route-map proxy-redir permit 10
    match ip address 110
    set ip next-hop

    thanks a lot

    Casto, Dec 13, 2003
  2. http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.5

    Use wccp if you can, very easy, route-map if you ned to.

    Alan Strassberg, Dec 15, 2003
  3. Casto

    Casto Guest

    i complete my question :
    does a squid server accept paquets like a router ?
    paquet destination : eth : [squid mac address] and ip[real ip
    destination of the web server].

    Casto, Dec 15, 2003
