www transparent proxy ?

Discussion in 'Cisco' started by Casto, Dec 13, 2003.

  1. Casto

    Casto Guest

    (excuse my english, i'm not english or american)


    i want to install a www transparent proxy in my dmz.
    i have a 1700 series cisco with 3 ethernet int

    my lan network : 110.75.3.0 255.255.255.0 (110.75.3.210 address of the
    router)
    my dmz network : 80.19.3.0 255.255.255.0 (80.19.3.210 address of the router,
    address of my www proxy 80.19.3.25)
    outside network : 80.19.4.0 255.255.255.0 (80.19.4.210 address of the
    router)



    LAN ----------------ROUTER------------------OUTSIDE
    |
    |
    |
    |
    _____ |______
    DMZ (proxy)

    i install a sniffer in the DMZ and
    when i try to connect to an ouside web server, 110.75.3.1 --->
    80.19.4.1(www)
    i have in the dmz a paquet with
    source : 110.75.3.1 destination : 80.19.4.1 port : 80 (www.mytestdomain.com)
    (with destination mac address of my proxy, like a "routed" paquet)
    and i would like to have
    source : 110.75.3.1 destination : 80.19.3.25 port : 80
    (www.mytestdomain.com)

    is it normal ?
    is it possible to change the destination address ?
    a squid server can resolve this request with my paquet? (i don't install my
    proxy at the moment)

    can you help me, i try different configuration, but i didn't manage to work
    my transparent proxy with the proxy address in destination paquet

    i use use found on the web

    interface Ethernet0
    ip address 110.75.3.210 255.255.255.0
    ip policy route-map proxy-redir
    !
    interface Fastethernet 0
    ip address 80.19.3.210 255.255.255.0
    !
    interface Ethernet1
    ip address 80.19.4.210 255.255.255.0
    !
    access-list 110 deny tcp host 80.19.3.25 any eq www
    access-list 110 permit tcp any any eq www
    !
    route-map proxy-redir permit 10
    match ip address 110
    set ip next-hop 80.19.3.25




    thanks a lot

    xavier
     
    Casto, Dec 13, 2003
    #1
    1. Advertisements

  2. http://www.squid-cache.org/Doc/FAQ/FAQ-17.html#ss17.5

    Use wccp if you can, very easy, route-map if you ned to.

    alan
     
    Alan Strassberg, Dec 15, 2003
    #2
    1. Advertisements

  3. Casto

    Casto Guest

    i complete my question :
    does a squid server accept paquets like a router ?
    paquet destination : eth : [squid mac address] and ip[real ip
    destination of the web server].
    thanks

    xavier
     
    Casto, Dec 15, 2003
    #3
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.