How can I forward all web traffic to a firewall from a Cisco ASA 5100?

[Scottjc85]

Hi There,

We currently have two Cisco ASA 5100 routers at different physical locations and they are connected via a site-to-site tunnel VPN. This connection is active and working as it should.

Currently ALL network traffic from our remote site is forwarded over the VPN to the router at my local site, which is how we want it, however we have a Check Point firewall on the same subnet as our sites ASA router and we therefore want all WEB traffic to be forwarded to the firewall from this for filtering.

Just to confirm, the Check Point firewall is outside of the VPN it is not between the 2 routers!

Can you please tell me how this can be configured?

Thanks, Scott

 

[unclerico]

so you want only web traffic to be re-routed through the check point and all other traffic to go a different route??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)

 

[Scottjc85]

Yes, I want all other traffic to stay as it is and just web traffic being forwarded from the ASA to the Check point firewall.

 

[unclerico]

you're looking to policy route and the ASA doesn't support this feature. you need to put a cisco router in between the ASA and the check point so it can policy route web traffic to the check point and all other traffic as normal

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)