Forcing traffic through proxy using Route-maps

BADfish10BADfish10 Member Posts: 88 ■■□□□□□□□□
Hi Guys a Quick Question any pointers would be very well recived.

i have a 3560 to play with and i am trying to push traffic from 2 vlans (User) and (Guest) through a inline proxy connected in a loop only when they are accessing content outside of the Local network.

so if user access's a local server then not sent through proxy however if they access the internet the proxy is used.

Now i have been thinking Policy based routing with route-map's but am wondering what set command to ues some pointers would be helpful!

the proxy can has 2 interfaces inside and outside currently both sit in a single vlan but this can be changed.




  • ColbyGColbyG Member Posts: 1,264
    Here is the relevant config from my 1811:
    track 123 rtr 10 reachability
    interface Vlan15
     description WIRELESS
     ip address
     ip nat inside
     ip policy route-map PROXY_REDIRECT
    ip access-list extended PROXY_REDIRECT
     deny   tcp any any neq www
     deny   tcp host any
     permit tcp host any time-range WORK_DAY
     deny   ip any any
    ip sla 10
    ip sla schedule 10 life forever start-time now
    route-map PROXY_REDIRECT permit 10
     match ip address PROXY_REDIRECT
     set ip next-hop verify-availability 10 track 123
    time-range WORK_DAY
     periodic weekdays 8:00 to 17:3

    You probably just want to use the ACL and route-map, but mine also tracks the reachability of the proxy and if it's down traffic bypasses it and goes straight out.
  • BADfish10BADfish10 Member Posts: 88 ■■□□□□□□□□
    "You Good Sir" are a star

    Nice to know i was not miles off and with time may of got there
    i like the Track object and that was going to be my next Question icon_thumright.gif
    You have saved me alot of guessing.

    Can anyone recomend some litrature on Route-Map's i have Safari so any Cisco Press is Cool


Sign In or Register to comment.