Reset Search
 

 

Article

How To Redirect Web traffic to a Content Filter Such as ForcePoint

« Go Back

Information

 
TitleHow To Redirect Web traffic to a Content Filter Such as ForcePoint
Objective
The following configuration redirects all traffic to a content filter (203.0.113.24) and allows 
all other traffic to go directly to the web. A probe is monitoring the content filter and If the 
probe fails, then the traffic will bypass the content filter and be routed to the web based on 
the routing table.
Environment
S-Series
Procedure

1. Create an access-list profiling HTTP and HTTPS traffic.
  ip access-list extended WebFilter
  permit tcp any any eq 80
  permit tcp any any eq 8080
  permit tcp any any eq 443
  exit


2.  Configure a route-map identifying the access list and defining the next-hop to which traffic should be redirected.
 route-map policy WebFilter permit 10
  match ip address WebFilter
  set next-hop 203.0.113.24
  exit


3.  Create a probe and configure the parameters
probe WebFilter icmp
  description "WebFilter Alive"
  faildetect interval 2
  passdetect interval 5
  inservice
  exit


4.  Configure the IP to be monitored by the probe in config mode.
route-map probe 203.0.113.24 probe-name WebFilter

5.  Apply the  probe to the   VLAN interface of the users that should be affected by the route-map.

Interface vlan.0.10
ip address 195.51.100.1 255.255.255.0 primary
  ip policy route-map WebFilter
  no shutdown


 
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255