8 Replies Latest reply: Feb 3, 2015 6:03 PM by Jon Scholten RSS

    WCCP Return Method

      Hi, I have connected a Cisco 3750 switch with MWG in a single network. I found the return method as displayed by "show ip wccp 51 detail" is GRE instead of L2. Is there any means to change from GRE to L2? Or MWG only support GRE return method?

        • 1. Re: WCCP Return Method
          asabban

          Hello,

           

          according to my knowledge WCCP is utilized only to have traffic redirected from the Client to MWG. MWG will not play the response back via WCCP, but will respond directly to the client.

           

          Best,

          Andre

          • 2. Re: WCCP Return Method
            Troja

            Hi all,

            i saw the same behavior today with a Cisco 65xx. Are there any new infos available?

             

            Can i configure some additional settings anywhere on MWG so that L2 is used for WCCP return packages?

             

            Best,

            Thorste

            • 3. Re: WCCP Return Method
              Jon Scholten

              Hi Thorsten,

               

              Is there an actual problem?

               

              As Andre stated, the return method is not used because Web Gateway returns the traffic directly.

               

              Does the fact that MWG simply states GRE for the return method cause the router to remove the MWG from it's pool? If so, that would be the first I've heard of that. I would double check to see if there isnt something else causing issues.

               

              Best,

              Jon

              • 4. Re: WCCP Return Method
                Troja

                Hi Jon,

                yes, this is a big problem. Today we are implementing a POC for MWG at a customer where Bluecoat SG is actually used.

                 

                WCCP return method: Today with Bluecoat both directions can be configured using L2 or IP-GRE. This should also be possible with MWG.

                 

                My biggest problem is, that WCCP is not functioning well. We have to configure different WWCP Groups using TCP or UDP with different ports.

                - WCCP Group 1: using TCP, Ports: 80 (HTTP), 443 (HTTPS), 20 (FTP-Data), 21, (FTP), 554 (MMS), 1755 (RTSP), RTMP (1935).

                - WCCP Group 2, using UDP with different ports

                 

                Is this possible to configure in any way with MWG?
                - When configuring MWG for each WCCP Group a proxy IP and port must be defined?
                - When configuring MWG for WCCP Group 1 as listed above no traffic beside HTTP/HTTPS is working.

                - When configuting MWG for WCCP Group 1 as listed above but only using ports 20 and 21 a FTP Session can be established but the DATA connections always fails.

                 

                My question is now. How can this be configured with MWG?

                 

                Best,

                Thorsten

                • 5. Re: WCCP Return Method
                  Jon Scholten

                  Hi Thorsten,

                   

                  That makes perfect sense! I feel your issue is not related to the return method (maybe it is a problem for FTP but I'm not sure).

                   

                  More it is related to the type of traffic you are attempting to send to the MWG. MWG is a HTTP/HTTP/FTP Proxy. But, MWG does not support FTP over WCCP.

                   

                  This is why only HTTP/HTTPS is working when using WCCP.

                   

                  For the other traffic MMS, RTSP, and RTMP, you will need to tunnel that traffic in order for it to work. I have only done this with RTMP. But below is an example of how to get that working. See ruleset attached as well.

                  1_wccp_ports.png 2_wccp_rules_tunneledtraffic.png

                   

                  Best,

                  Jon

                  • 6. Re: WCCP Return Method
                    Troja

                    Hi Jon,

                    is this right?

                     

                    - WCCP can never be used for streaming and FTP, neither the whole WCCP configuration on the CISCO router would be changed??

                    - When tunneling other traffic like MMS, RTSP and so on this traffic is not checked in any way. Also streams are not sent to the helix stream server.

                    - Helix Stream Server cannot be used with WCCP.

                     

                    Best,

                    Thorsten

                    • 7. Re: WCCP Return Method
                      Jon Scholten

                      Hi Thorsten,

                       

                      -FTP over WCCP does not work (Webwasher: FTP with WCCP - https://kc.mcafee.com/corporate/index?page=content&id=KB64193)

                      -WCCP can be used for streaming, but the content would be tunnelled. Using the rules I gave you can at least make sure its not to a malicious destination.

                      -I have not tested using the helix server with WCCP. Theoretically you could create a new service ID and forward the traffic to the proxy port of the helix server (instead of using 9091 as outlined above).

                       

                      Best,

                      Jon

                      • 8. Re: WCCP Return Method
                        Jon Scholten

                        Was reading over this awesome thread again, FTP over WCCP is now supported with 7.5.0:

                        Web Gateway 7.5.0 Release Notes - https://kc.mcafee.com/corporate/index?page=content&id=PD25428