troubleshooting Question
Cisco Router - redirect all customer traffic to specific IP and Port ( eg. www and domain )
jrhue asked on
When a customer has not paid or thier service has been disabled for any reason, we send them to a web page with our name and phone number and a message to call us.
With customers where we have a linux based firewall, I simply use the following iptables commands
#### let thru all dns traffic. DNAT all www traffic to one IP address (blocked service screen )
#### block all other traffic from the customer's subnet
#### customers interface is eth1 --- the public facing interface is eth0
#iptables -t nat -A PREROUTING -i eth1 -p udp --dport domain -j ACCEPT
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport www -j DNAT --to 11.22.33.44
#iptables -t nat -A PREROUTING -s 55.66.77.88/27 -j DROP
We have many customers with just Cisco 1600/1720/2500 routers and no firewall.
How do I do the same redirection with a standard cisco router?
They are all running IOS 11 or higher.
With customers where we have a linux based firewall, I simply use the following iptables commands
#### let thru all dns traffic. DNAT all www traffic to one IP address (blocked service screen )
#### block all other traffic from the customer's subnet
#### customers interface is eth1 --- the public facing interface is eth0
#iptables -t nat -A PREROUTING -i eth1 -p udp --dport domain -j ACCEPT
#iptables -t nat -A PREROUTING -i eth1 -p tcp --dport www -j DNAT --to 11.22.33.44
#iptables -t nat -A PREROUTING -s 55.66.77.88/27 -j DROP
We have many customers with just Cisco 1600/1720/2500 routers and no firewall.
How do I do the same redirection with a standard cisco router?
They are all running IOS 11 or higher.
Join the community to see this answer!
Join our exclusive community to see this answer & millions of others.
Unlock 1 Answer and 1 Comment.
Learn from the best
Network and collaborate with thousands of CTOs, CISOs, and IT Pros rooting for you and your success.
Andrew Hancock - VMware vExpert
See if this solution works for you by signing up for a 7 day free trial.
Unlock 1 Answer and 1 Comment.
Try for 7 days”The time we save is the biggest benefit of E-E to our team. What could take multiple guys 2 hours or more each to find is accessed in around 15 minutes on Experts Exchange.