Re: intercept and redirect
OK some people are taking this 'PIX doesn't route. period.' thing too far. No it's not a router, yes it has a routing table. What does that have to do with this anyway? You don't need a router to do this. It's not adding a new subnet or anything, just redirecting to an existing host. If it couldn't permit/deny or VIP address to specific hosts or subnets, it wouldn't be anything at all but a boat anchor. However I just realized something, if host B isn't behind the firewall, you can't do it with just a PIX. Best you could do is change the DNS entries in that scenario. Where is this host B? If you're trying to forward a URL, try setting up a forward page on the existing box perhaps? Is it ALL traffic to a specific IP? Allen - Original Message - From: "ItsMe" <[EMAIL PROTECTED]> Newsgroups: groupstudy.cisco To: <[EMAIL PROTECTED]> Sent: Thursday, March 22, 2001 9:06 PM Subject: Re: intercept and redirect > PIX, by itself doesn't route. It won't work. > > "Doug Roberts" <[EMAIL PROTECTED]> wrote in message > [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > > I've had a request to have our Pix firewall catch inbound traffic headed > > for host A and redirect it to host B. We do not have NAT enabled on the > Pix > > (ver 5.1). > > > > Am I missing something? I don't see a way to do this. > > > > > > Doug > > == > > "There are a lot of interesting people here, a pretty high concentration > of > > creative, interesting, smart people. You just have to make an effort to > > group them together, because they're interspersed with a lot of morons." > > > > Aimee Mann as quoted in The Onion > > == > > > > _ > > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > > > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: intercept and redirect
PIX, by itself doesn't route. It won't work. "Doug Roberts" <[EMAIL PROTECTED]> wrote in message [EMAIL PROTECTED]">news:[EMAIL PROTECTED]... > I've had a request to have our Pix firewall catch inbound traffic headed > for host A and redirect it to host B. We do not have NAT enabled on the Pix > (ver 5.1). > > Am I missing something? I don't see a way to do this. > > > Doug > == > "There are a lot of interesting people here, a pretty high concentration of > creative, interesting, smart people. You just have to make an effort to > group them together, because they're interspersed with a lot of morons." > > Aimee Mann as quoted in The Onion > == > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
Re: intercept and redirect
Not sure exactly what kind of traffic or how your network is set up. If it's using virtual IPs then just remap to the other internal address with that VIP. If not you could try creating a VIP on the pix (static/conduit or ACL) and have it redirect like that. I don't see why this wouldn't work. - Original Message - From: "Buri, Heather H" <[EMAIL PROTECTED]> To: "'Doug Roberts'" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, March 22, 2001 1:23 PM Subject: RE: intercept and redirect > This would be a classic situation for Policy Based routing but I am not sure > if this would work on a PIX. I am curious to see what others have to say > who are more experienced with the PIX functionality. > > Heather Buri > CSC Technology Services - Houston > > Phone: (713)-961-8592 > Fax: (713)-961-8249 > Mobile: > Alpha Page: > > Mailing: 1360 Post Oak Blvd > Suite 500 > Houston, TX 77056 > > > > -Original Message- > From: Doug Roberts [mailto:[EMAIL PROTECTED]] > Sent: Thursday, March 22, 2001 12:58 PM > To: [EMAIL PROTECTED] > Subject: Pix: intercept and redirect > > > I've had a request to have our Pix firewall catch inbound traffic headed > for host A and redirect it to host B. We do not have NAT enabled on the Pix > (ver 5.1). > > Am I missing something? I don't see a way to do this. > > > Doug > == > "There are a lot of interesting people here, a pretty high concentration of > creative, interesting, smart people. You just have to make an effort to > group them together, because they're interspersed with a lot of morons." > > Aimee Mann as quoted in The Onion > == > > _ > FAQ, list archives, and subscription info: > http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > > _ > FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html > Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] > _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
RE: intercept and redirect
This would be a classic situation for Policy Based routing but I am not sure if this would work on a PIX. I am curious to see what others have to say who are more experienced with the PIX functionality. Heather Buri CSC Technology Services - Houston Phone: (713)-961-8592 Fax:(713)-961-8249 Mobile: Alpha Page: Mailing:1360 Post Oak Blvd Suite 500 Houston, TX 77056 -Original Message- From: Doug Roberts [mailto:[EMAIL PROTECTED]] Sent: Thursday, March 22, 2001 12:58 PM To: [EMAIL PROTECTED] Subject: Pix: intercept and redirect I've had a request to have our Pix firewall catch inbound traffic headed for host A and redirect it to host B. We do not have NAT enabled on the Pix (ver 5.1). Am I missing something? I don't see a way to do this. Doug == "There are a lot of interesting people here, a pretty high concentration of creative, interesting, smart people. You just have to make an effort to group them together, because they're interspersed with a lot of morons." Aimee Mann as quoted in The Onion == _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED] _ FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]