6 Replies Latest reply on Nov 6, 2009 3:43 AM by foliveir

    Webwasher and WCCP

      Hello,

       

      I am having some issues setting up WCCP with a Cisco 5500.

       

      So it can see the 5500 but when it is enabled for only ports 80 and 8080, it kills all internet traffic completely.

       

      The setup is pretty simple. Just don't understand whats going on.

       

      Any assistance is greatly appreciated.

       

      Thanks

        • 1. Re: Webwasher and WCCP
          foliveir

          Hello Pdoyle,

           

          I'm moving this thread to the Web Gateway sub community. Meanwhile did you perform packet capture in the segment between the McAfee Web Gateway (Webwasher) and the WCCP router ? And if so do you see anything that may shed a bit more light into the issue ?

           

          With my best regards,

          • 2. Re: Webwasher and WCCP

            Yes we do see minimal traffic, but I think that is just the two pieces of equipment talking.

             

            But we have to immediately turn it off as no one can get out to the internet.

            • 3. Re: Webwasher and WCCP

              Hi PDoyle,

               

              I think I have seen something like this before. Did you reboot your webwasher after you enabled WCCP? there is an iptables rule that has to be set for this to work and that only happens after a rebbot as far as I know.

              • 4. Re: Webwasher and WCCP

                I have rebooted. Still the same issue.

                • 5. Re: Webwasher and WCCP

                  mmmhhh. You are not seeing any webwasher block messages, right? traffic just times out? It could be a routing issue. Webwasher needs to be able to send traffic back to the clients. Try to ping one of your client IPs from the webwasher commandline.

                  I am sure you checked that, but is the transparent proxy checkbox set for proxy port 9091?

                  • 6. Re: Webwasher and WCCP
                    foliveir

                    Hello Pdoyle,

                     

                    If you use an access-list to constrain the WCCP traffic to a single host you can perform testing without impacting the general infrastructure and then check with a network sniffer if there is traffic back and forth between the router and the McAfee Web Gateway (Webwasher) and you can also sniff between the router and the client to see if there is any reply back.

                     

                    Let us know if you see any traffic then.

                     

                    HTH