[nsp] forcing users through http/smtp proxy - how?

Matt Stevens matt at elevate.org
Mon Jun 30 09:41:36 EDT 2003 

Try using a route-map with 'set ip next-hop' - your proxies (at least http) will
need to have a 'transparent' mode.
--
matt


> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of matthew zeier
> Sent: Sunday, June 29, 2003 9:06 PM
> To: cisco-nsp at puck.nether.net
> Subject: Re: [nsp] forcing users through http/smtp proxy - how?
> 
> 
> That works but I wanted more of a transparent method.
> 
> I think with WCCP and Squid I can do this.
> 
> ----- Original Message ----- 
> From: "Dmitri Kalintsev" <dek at hades.uz>
> To: <cisco-nsp at puck.nether.net>
> Sent: Sunday, June 29, 2003 7:27 PM
> Subject: Re: [nsp] forcing users through http/smtp proxy - how?
> 
> 
> > Put an ACL to disallow them connecting with anything but 
> your proxy on the
> > ports you want.
> >
> > acce 100 perm tcp any 1.1.1.1 eq 25
> > acce 100 deny tcp any any eq 25
> > acce 100 perm tcp any 2.2.2.2 eq 80
> > acce 100 deny tcp any any eq 80
> > acce 100 perm ip any any
> >
> > Brutal, but works. :) You'll have to let them know that 
> you're doing that
> > first, of course.
> >
> > On Sat, Jun 28, 2003 at 03:20:31PM -0700, matthew zeier wrote:
> > >
> > > I have T1 customers coming into a 7200 and for port 80 or 
> 25 I want to
> force
> > > them through certain web proxies or smtp proxies.
> > >
> > > What's the best way to do this?
> > >
> > > Thanks.
> > >
> > > --
> > > matthew zeier - "Nothing in life is to be feared.  It is 
> only to be
> > > understood." - Marie Curie
> > >
> > > _______________________________________________
> > > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > > http://puck.nether.net/mailman/listinfo/cisco-nsp
> > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > ---end quoted text---
> >
> > -- 
> > D.K.
> > _______________________________________________
> > cisco-nsp mailing list  cisco-nsp at puck.nether.net
> > http://puck.nether.net/mailman/listinfo/cisco-nsp
> > archive at http://puck.nether.net/pipermail/cisco-nsp/
> >
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> http://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list