I have configure my L3 switch to redirect the HTTP traffic to squid box: from squid-wiki: ! interface Ethernet0 description To Office Ethernet ip address ROUTERIP 255.255.255.0 no ip directed-broadcast no ip mroute-cache ip policy route-map proxy-redir ! access-list 110 deny tcp host SQUIDIP any eq www access-list 110 permit tcp any any eq www route-map proxy-redir permit 10 match ip address 110 set ip next-hop SQUIDIP but nothing is redirected, so I thought that I can try to change the access-list above to something like that(and don't change any thing else): access-list 10 permit 192.168.1.0 0.0.0.255 route-map proxy-redir permit 10 match ip address 10 (192.168.1.0 is the clients Network) my questions are: 1 - I don't understand the logic of the default access-list,What does it do to redirect HTTP traffic (why we deny tcp packet from squid?) and why redirection didn't work? 2- Is my suggestion will work for redirection?
