I’m searching for info about the possibility of redirecting traffic to a webserver based on origin IP.
I have tried with PBR, like this:
ip access-list extended ClientesBloqueados
 permit ip host CUSTOMER_IP any
route-map RedireccionPortal
 match ip address ClientesBloqueados
 set ip next-hop WEBSERVER_IP
interface virtual-template33
 ip policy route-map RedireccionPortal
But it seems that it does not work.
Any idea?
The main purpose is to send the web traffic from blocked PPPoE customers to a customized web page.
Policy-based routing is used to cause IP traffic to take a different route to the destination. Policy-based routing, however, will not change the destination to which the IP packet is going. So in your PBR solution, your traffic is reaching the web server, but the web server sees a destination IP address different from its own, so it drops the traffic. What you need to do is create a captive portal, a web page to which users are sent if a customer is blocked. This is often used in WiFi implementations but it is not limited to them.
In order to redirect web traffic, there are several solutions:
HTTP redirect is one option, and both Cisco wireless controllers as well as the Cisco ASA support this feature. A second option is to use DNS redirect. When a client requests a WWW resource, the local DNS returns a different IP address (that of your web server) so that it will see your server rather than the intended site. This can be configured by simply providing a local DNS server to your client. Since you have control of the server, you can manipulate the records so that the desired redirect occurs.
Hopefully, this will give you some insight into researching these topics more deeply to find the solution that will be best for your situation. If you have any more questions, please let us know!
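The DNS-redirect and HTTP-redirect options from the answer above can be combined on the portal web server itself; the sketch below is an added example, not part of the original posts. It assumes blocked customers already resolve every name to this server, and `portal.example.net`, the `/blocked` path and port 8080 are placeholders.

```python
from http.server import BaseHTTPRequestHandler, HTTPServer

# Assumed placeholder values; replace with the real portal name and page.
PORTAL_HOST = "portal.example.net"
PORTAL_URL = f"http://{PORTAL_HOST}/blocked"
BLOCK_PAGE = b"<html><body><h1>Service suspended</h1></body></html>"


def decide(host_header, path):
    """Return (status, headers, body) for a request that reached the portal."""
    # Strip an optional :port and normalise case before comparing.
    host = (host_header or "").split(":")[0].strip().lower()
    redirect = {"Location": PORTAL_URL, "Cache-Control": "no-store"}
    if host != PORTAL_HOST:
        # The client asked for some other site and DNS pointed it here.
        # 302 with no-store, so the browser does not keep redirecting
        # once the customer has been unblocked.
        return 302, redirect, b""
    if path == "/blocked":
        headers = {"Content-Type": "text/html; charset=utf-8",
                   "Cache-Control": "no-store"}
        return 200, headers, BLOCK_PAGE
    # Right host, unknown path: send the customer to the block page.
    return 302, redirect, b""


class PortalHandler(BaseHTTPRequestHandler):
    def do_GET(self):
        status, headers, body = decide(self.headers.get("Host"), self.path)
        self.send_response(status)
        for name, value in headers.items():
            self.send_header(name, value)
        self.send_header("Content-Length", str(len(body)))
        self.end_headers()
        self.wfile.write(body)


if __name__ == "__main__":
    # Plain HTTP only: HTTPS requests for other sites cannot be answered
    # here without a certificate mismatch in the customer's browser.
    HTTPServer(("0.0.0.0", 8080), PortalHandler).serve_forever()
```
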