I have configured my MWG v 7.0.2 to use wccp from a cisco ASA
the MWG is sending the Hello and the ASA is responding with the "i see you" but traffic is not making it to the Gateway
I have 0.0.0.0 configured as the listening address, using wccp service id of 8 configured for http and https and using a GRE conneciton.
Question are there any secrets and is there a log file i am not finding that would aid in troubleshooting. The asa is using a different service id to forward another traffic group to a different proxy, it is working fine and when you do a show wccp on the the asa the data is the same for both service id's. The ACL on the ASA is showing to recieve hits. If i do a tcpdump on the MWG i see no traffic after the "i see you" from the asa.... Any ideas would be great...
Suggestions, what are you using 0.0.0.0 for? Could you send a screenshot of your WCCP settings on the Web Gateway? The proxy listener should be the physical IP of the Web Gateway, not "all IPs".
Also I had though that service IDs below 50 were reserved, common IDs I use are 51 or 91.
For listening IP make it the IP address of the Web Gateway.
For the service ID make it 51 and this has the match the ID in the ASA. Make them both 51.
If you are using many different VLAN's, it helps to have the Web Gateway in the same VLAN as your ASA. If you don't you could run into little issues forwarding traffic.
Make sure to setup the proxy listener port in WCCP. This needs to be under HTTP Proxy as well with the same listener address and proxy port.
Send WCCP traffic to the Web Gateway via ACL.
Also if you have true "wccp" (web-cache) (not a service group) already setup on the ASA, like you have mentioned, you need to remove "web-cache" from the inside interface under Redirection, click Apply, then re-add it and click Apply. There may be a bug where wccp is always default and no traffic ever gets send out to the service groups. Atleast that is what happen to me.Message was edited by: jont717 on 5/25/11 1:09:30 PM EDT
thanx, i forgot to follow up, looks like it was possible a combination of things, i changed the listening interface from the 0.0.0.0 and removed and re-added the ip wccp command from the ASA..thanx.