I'm currently doing this with a bridge interface and ebtables on a linux box. But we would like to replicate this using some old Cisco hardware we have laying around. (Thinking 2651)
Mind you I'm not really that knowledgeable with IOS, and I don't even know if this is possible.
I've got a transparent bridge (firewall) set up blocking specific traffic, but where the magic lies is that we redirect all web traffic to an outside website that displays a message stating that their service has been suspended and for them to call into the billing dept.
Basically it's a captive portal with no exit.
Hopefully that makes sense. This is a tool we use for soft-disconnecting users for nonpayment. They normally live in a vlan which is public internet. When we cut them off we move them to a vlan that sits behind this transparent firewall.
Mind you I'm not really that knowledgeable with IOS, and I don't even know if this is possible.
I've got a transparent bridge (firewall) set up blocking specific traffic, but where the magic lies is that we redirect all web traffic to an outside website that displays a message stating that their service has been suspended and for them to call into the billing dept.
Basically it's a captive portal with no exit.
Hopefully that makes sense. This is a tool we use for soft-disconnecting users for nonpayment. They normally live in a vlan which is public internet. When we cut them off we move them to a vlan that sits behind this transparent firewall.