[nsp] forcing users through http/smtp proxy - how?
matthew zeier
mrz at intelenet.net
Sun Jun 29 22:06:22 EDT 2003
That works but I wanted more of a transparent method.
I think with WCCP and Squid I can do this.
----- Original Message -----
From: "Dmitri Kalintsev" <dek at hades.uz>
To: <cisco-nsp at puck.nether.net>
Sent: Sunday, June 29, 2003 7:27 PM
Subject: Re: [nsp] forcing users through http/smtp proxy - how?
> Put an ACL to disallow them connecting with anything but your proxy on the
> ports you want.
>
> acce 100 perm tcp any 1.1.1.1 eq 25
> acce 100 deny tcp any any eq 25
> acce 100 perm tcp any 2.2.2.2 eq 80
> acce 100 deny tcp any any eq 80
> acce 100 perm ip any any
>
> Brutal, but works. :) You'll have to let them know that you're doing that
> first, of course.
>
> On Sat, Jun 28, 2003 at 03:20:31PM -0700, matthew zeier wrote:
> >
> > I have T1 customers coming into a 7200 and for port 80 or 25 I want to
force
> > them through certain web proxies or smtp proxies.
> >
> > What's the best way to do this?
> >
> > Thanks.
> >
> > --
> > matthew zeier - "Nothing in life is to be feared. It is only to be
> > understood." - Marie Curie
> >
> > _______________________________________________
> > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> ---end quoted text---
>
> --
> D.K.
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>
More information about the cisco-nsp
mailing list