use cisco asdm to forward selected users to squid proxy

Hi,

I have a Cisco router asa 5505 and using ASDM I want to redirect some of our users (based on ip range preferably) to a server that is running squid as a web cache. If anyone can help point me in the right direction for this I would be very grateful as I am primarily a web developer and thus out of my comfort zone in this.
LVL 7
Daemon_ByteAsked:
Who is Participating?
 
HodepineCommented:
There might be a graphical way to do it, but I'm afraid I don't know it. Maybe someone else can answer that. That said, the command line version is just a matter of getting the access-list right and cut and paste the rest.

You can put a range if it's summarizable by wildcard masks.

For example hosts 10.1.1.64 - 79 would be 10.1.1.6 0.0.0.15.

You should know wildcardmasking before you do this, so if not the easiest is if you just use one line for each host:

access-list wccp extended permit tcp host 10.1.1.64 any eq www
access-list wccp extended permit tcp host 10.1.1.65 any eq www

And so on.

0
 
HodepineCommented:
I'm not sure if this feature is supported as low as the 5505, but if it is, the config is quite simple:

access-list wccp extended permit tcp 10.1.1.0 0.0.0.255 eq www (fill in your addresses of course)
access-list wccp_cache extended permit ip host <ip address of web cache> any
wccp web-cache redirect-list wccp group-list wccp_cache
wccp interface inside web-cache redirect in

You'll have to register the router as a wccp-router on your cache engine.
0
 
HodepineCommented:
Small typo in the first line of the access-lists:

access-list wccp extended permit tcp 10.1.1.0 0.0.0.255 any eq www (forgot the destination any).
0
 
Daemon_ByteAuthor Commented:
Is there a graphical part to do this? Would I have to alter the ip address on the first line for every IP or can I somehow put a range in here?
0
 
Daemon_ByteAuthor Commented:
I'm a web developer in a group of 3 that has suddenly gained IT department status so we're trying to catch up on things. Not a clue about wildcard masks but I will read up and decide if I will go that route or not. Thanks
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.