One suggestion is to use two route-map's, one to permit traffic to pass straight through the cache and one with the "set ip next-hop" feature. This second route map will match an access-list configured to capture web traffic, something like the following should do it:
Fastethernet 1/0 ip policy route-map proxy-redirect out route-map proxy-redirect permit 10 match ip address 101 route-map proxy-redirect permit 10 match ip address 110 set ip next-hop abc.abc.abc.abc [IP ADDRESS OF SQUID SERVER] access-list 101 remark STRAIGHT THROUGH TRAFFIC access-list 101 permit tcp xxx.xxx.xxx.xxx 0.0.0.255 any any [RANGE OF SOURCE TRAFFIC TO GO THROUGH] access-list 110 remark TRAFFIC TO BE REDIRECTED TO WEB-CACHE access-list 110 permit tcp xxx.xxx.xxx.xxx 0.0.0.255 any eq web [RANGE OF SOURCE TRAFFIC TO BE REDIRECTED] Place all networks to be cached in list 110 and any you don't want to be cached in list 101. For example if you wanted to ensure that the entire 192.168.100.0 network is cached except for host 192.168.0.254 then do the following: access-list 101 permit tcp host 192.168.0.1 any access-list 110 permit tcp 192.168.100.0 0.0.0.255 any eq web Remember to put your Squid (proxy) server in the exceptions list otherwise it'll never work! Hope this helps... Cheers, Scott Riley CCNP CCDA MCSE (NT4) Senior Network Engineer Firstnet Services Ltd W: http://www.firstnet.net.uk [This message subject to: http://www.firstnet.net.uk/disclaimer.html] -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Ing. Milton Amador Z. Sent: Monday, 14 January 2002 16:41 To: [EMAIL PROTECTED] Subject: I need Help in Cisco [7:31875] I have one Cisco 3640 i need to send all my trafic www to one linux box, in this linux box i have Proxy squid, but i don4t know how make this. Somebody know how make this? Thanks Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=31882&t=31875 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
