Solved

Traffic redirection with ASA 5510

Posted on 2008-10-01
5
1,322 Views
Last Modified: 2009-12-16
I'm trying to find out if it's possible to do traffic redirection with an ASA 5510.

I basically want to say redirect All HTTP traffic going to site X to site A.

Possible?
0
Comment
Question by:condorcape
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 125 total points
ID: 22614293


Not possible, you need a geographical load balancer. There are some other things you could do with DNS but it requires changing the url;

i.e www.mydomain.com  (site1)
     www.mydomain2.com (site2)

harbor235 ;}
0
 

Author Comment

by:condorcape
ID: 22614343
I know you can do things like that with squid.

http://ex-parrot.com/~pete/upside-down-ternet.html :)

I basically want to redirect all traffic that goes to facebook to an error message running on one of our internal servers.
0
 

Author Comment

by:condorcape
ID: 22614384
I mean iptables*

I'm basically looking for the equivalent of this command;

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38
0
 
LVL 32

Expert Comment

by:harbor235
ID: 22614680


That would be redirection from outside to inisde, i think he means to redirect to a differnet site all together, am i correct in assuming this? if its just port redirection outside to inside then yes the asa can do that.

harbor235 ;}
0
 

Author Comment

by:condorcape
ID: 22614726
I think it needs to be done on the proxy :(

Next step is getting WCCP & squid to work.

Thanks for the help!
0

Featured Post

Connect further...control easier

With the ATEN CE624, you can now enjoy a high-quality visual experience powered by HDBaseT technology and the convenience of a single Cat6 cable to transmit uncompressed video with zero latency and multi-streaming for dual-view applications where remote access is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

A Wildcard Certificate means all of your sub-domains will resolve to the same location, regardless of the non-SSL Document-Root specification. A user will need to purchase a wildcard SSL from a vendor or a reseller that supplies them. Similar to ha…
Is your computer hacked? learn how to detect and delete malware in your PC
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question