Solved

Traffic redirection with ASA 5510

Posted on 2008-10-01
5
1,323 Views
Last Modified: 2009-12-16
I'm trying to find out if it's possible to do traffic redirection with an ASA 5510.

I basically want to say redirect All HTTP traffic going to site X to site A.

Possible?
0
Comment
Question by:condorcape
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 32

Accepted Solution

by:
harbor235 earned 125 total points
ID: 22614293


Not possible, you need a geographical load balancer. There are some other things you could do with DNS but it requires changing the url;

i.e www.mydomain.com  (site1)
     www.mydomain2.com (site2)

harbor235 ;}
0
 

Author Comment

by:condorcape
ID: 22614343
I know you can do things like that with squid.

http://ex-parrot.com/~pete/upside-down-ternet.html :)

I basically want to redirect all traffic that goes to facebook to an error message running on one of our internal servers.
0
 

Author Comment

by:condorcape
ID: 22614384
I mean iptables*

I'm basically looking for the equivalent of this command;

/sbin/iptables -A PREROUTING -s 192.168.0.0/255.255.255.0 -p tcp -j DNAT --to-destination 64.111.96.38
0
 
LVL 32

Expert Comment

by:harbor235
ID: 22614680


That would be redirection from outside to inisde, i think he means to redirect to a differnet site all together, am i correct in assuming this? if its just port redirection outside to inside then yes the asa can do that.

harbor235 ;}
0
 

Author Comment

by:condorcape
ID: 22614726
I think it needs to be done on the proxy :(

Next step is getting WCCP & squid to work.

Thanks for the help!
0

Featured Post

Creating Instructional Tutorials  

For Any Use & On Any Platform

Contextual Guidance at the moment of need helps your employees/users adopt software o& achieve even the most complex tasks instantly. Boost knowledge retention, software adoption & employee engagement with easy solution.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

So, you're experiencing issues on your network and you've decided that you need to perform some tests to determine whether your cabling is good.  You're likely thinking that you may need to spend money which you probably don't have on hiring/purchas…
The use of stolen credentials is a hot commodity this year allowing threat actors to move laterally within the network in order to avoid breach detection.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

623 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question