Port redirection on a cisco router
Hi team, Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS. Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist. Edwin Ngige 254 722 841853
WCCP ver2 From: skunkworks-bounces@lists.my.co.ke [mailto:skunkworks-bounces@lists.my.co.ke] On Behalf Of Edwin Ngige Sent: Friday, November 18, 2011 8:49 AM To: Skunkworks Mailing List Subject: [Skunkworks] Port redirection on a cisco router Hi team, Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS. Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist. Edwin Ngige 254 722 841853
Hey Im not sure whether I can what you want but that seems a DoS of some sort, since as you have mentioned you would like users using hosts like 8.8.8.8 get served by another host of your specification. Well i would tweak this in different ways: 1. Use DHCP option to push my specific DNS servers to theirs network (its your last mile, meaning you can configure this) 2. This is dirty but you can NAT all the IP's in question to your destined specific host i.e. NAT 8.8.8.8 to my specific DNS servers (The more I called this a DoS) 3. Apply route maps to filter the nodes and forward them to my specific IP's All are unethical but can serve you! ./TheMburu On Fri, Nov 18, 2011 at 2:53 AM, Tony Gacheru <tonygacheru@gmail.com> wrote:
WCCP ver2
*From:* skunkworks-bounces@lists.my.co.ke [mailto: skunkworks-bounces@lists.my.co.ke] *On Behalf Of *Edwin Ngige *Sent:* Friday, November 18, 2011 8:49 AM *To:* Skunkworks Mailing List *Subject:* [Skunkworks] Port redirection on a cisco router
Hi team,
Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS. Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist.
Edwin Ngige 254 722 841853
_______________________________________________ Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
-- Conservatism is the adherence to the old tried against the new untried.
On 18 November 2011 08:49, Edwin Ngige <edwinngige@gmail.com> wrote:
Hi team,
Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS.
Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist.
Edwin Ngige 254 722 841853
Last time i wanted to achieve something of this nature i used 2 things a) route map b) access-list. Wilson. _______________________________________________
Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On 22 November 2011 10:14, Thuo Wilson <lixton@gmail.com> wrote:
On 18 November 2011 08:49, Edwin Ngige <edwinngige@gmail.com> wrote:
Hi team,
Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS.
Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist.
Edwin Ngige 254 722 841853
Last time i wanted to achieve something of this nature i used 2 things a) route map b) access-list.
Wilson.
I realised i didnt help by my statement so here we go,
Something like this; access-list 140 permit udp 192.168.0.0 0.0.255.255 any eq http access-list 140 permit udp 172.16.0.0 0.0.255.255 any eq ftp route-map REDIRECT-XYZ permit 10 match ip address 140 set ip next-hop 1.2.3.4 Then redirect (DNS/HTTP etc) port from firewall.(iptables?) E&OE. Wilson./
_______________________________________________
Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
On 22 November 2011 11:17, Thuo Wilson <lixton@gmail.com> wrote:
On 22 November 2011 10:14, Thuo Wilson <lixton@gmail.com> wrote:
On 18 November 2011 08:49, Edwin Ngige <edwinngige@gmail.com> wrote:
Hi team,
Am looking in a way I can forward any traffic passing thr a cisco router to use a specific host. i.e DNS.
Such that, any one I give connection via any last mile, I will force them use specific services from specific hosts. What I mean is, if any of my users specify a dns like 8.8.8.8, I will force him use my DNS. Version of the cisco IOS is 12.4. Pls Assist.
Edwin Ngige 254 722 841853
Last time i wanted to achieve something of this nature i used 2 things a) route map b) access-list.
Wilson.
I realised i didnt help by my statement so here we go,
Something like this;
access-list 140 permit tcp 192.168.0.0 0.0.255.255 any eq http access-list 140 permit tcp 172.16.0.0 0.0.255.255 any eq ftp
route-map REDIRECT-XYZ permit 10 match ip address 140 set ip next-hop 1.2.3.4
Then redirect (DNS/HTTP etc) port from firewall.(iptables?)
E&OE.
Wilson./
Dont forget http is tcp. This was for illustration purpose. Wilson.
_______________________________________________
Skunkworks mailing list Skunkworks@lists.my.co.ke ------------ List info, subscribe/unsubscribe http://lists.my.co.ke/cgi-bin/mailman/listinfo/skunkworks ------------
Skunkworks Rules http://my.co.ke/phpbb/viewtopic.php?f=24&t=94 ------------ Other services @ http://my.co.ke
participants (4)
-
Edwin Ngige -
TheMburu George -
Thuo Wilson -
Tony Gacheru