cancel
Showing results for 
Search instead for 
Did you mean: 
PDoyle
Level 7

Webwasher and WCCP

Hello,

I am having some issues setting up WCCP with a Cisco 5500.

So it can see the 5500 but when it is enabled for only ports 80 and 8080, it kills all internet traffic completely.

The setup is pretty simple. Just don't understand whats going on.

Any assistance is greatly appreciated.

Thanks

0 Kudos
6 Replies
foliveir
Level 11

Re: Webwasher and WCCP

Hello Pdoyle,

I'm moving this thread to the Web Gateway sub community. Meanwhile did you perform packet capture in the segment between the McAfee Web Gateway (Webwasher) and the WCCP router ? And if so do you see anything that may shed a bit more light into the issue ?

With my best regards,

0 Kudos
PDoyle
Level 7

Re: Webwasher and WCCP

Yes we do see minimal traffic, but I think that is just the two pieces of equipment talking.

But we have to immediately turn it off as no one can get out to the internet.

0 Kudos
schecka
Level 9

Re: Webwasher and WCCP

Hi PDoyle,

I think I have seen something like this before. Did you reboot your webwasher after you enabled WCCP? there is an iptables rule that has to be set for this to work and that only happens after a rebbot as far as I know.

0 Kudos
PDoyle
Level 7

Re: Webwasher and WCCP

I have rebooted. Still the same issue.

0 Kudos
foliveir
Level 11

Re: Webwasher and WCCP

Hello Pdoyle,

If you use an access-list to constrain the WCCP traffic to a single host you can perform testing without impacting the general infrastructure and then check with a network sniffer if there is traffic back and forth between the router and the McAfee Web Gateway (Webwasher) and you can also sniff between the router and the client to see if there is any reply back.

Let us know if you see any traffic then.

HTH

0 Kudos
schecka
Level 9

Re: Webwasher and WCCP

mmmhhh. You are not seeing any webwasher block messages, right? traffic just times out? It could be a routing issue. Webwasher needs to be able to send traffic back to the clients. Try to ping one of your client IPs from the webwasher commandline.

I am sure you checked that, but is the transparent proxy checkbox set for proxy port 9091?

0 Kudos