Tuesday 5 July 2016

Setting up route maps with the ASA (squid proxy)

Route maps are a convenient way of re-routing traffic dependent on specific criteria (like source, destination and so on.)

The other day I came across a good use case for them when implementing a transparent proxy with squid.

I wanted to ensure that a specific subnet would get there web traffic (tcp/80 and tcp/443) re-routed to a different hop (rather than the default gateway.)

To create the relevant route map we should firstly create the following ACL's to define our traffic:

access-list squidfilter extended permit tcp any eq www
access-list squidfilter extended deny ip any any

route-map squidredirect permit 10

match ip address squidfilter

set ip next-hop <squid-ip>


Post a Comment