When a customer has not paid or thier service has been disabled for any reason, we send them to a web page with our name and phone number and a message to call us.
With customers where we have a linux based firewall, I simply use the following iptables commands
#### let thru all dns traffic. DNAT all www traffic to one IP address (blocked service screen )
#### block all other traffic from the customer's subnet
#### customers interface is eth1 --- the public facing interface is eth0
#iptables -t nat -A PREROUTING -i eth1 -p udp --dport domain -j ACCEPT
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport www -j DNAT --to 18.104.22.168
#iptables -t nat -A PREROUTING -s 22.214.171.124/27 -j DROP
We have many customers with just Cisco 1600/1720/2500 routers and no firewall.
How do I do the same redirection with a standard cisco router?
They are all running IOS 11 or higher.