Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
1996 Views 4 Replies Latest reply: Feb 19, 2013 2:55 PM by wg-newb RSS
wg-newb Newcomer 4 posts since
Sep 19, 2012
Currently Being Moderated

Sep 26, 2012 1:16 PM

IOS WCCP and 7.2 Configuration

If you're having difficulties configuring WCCP with IOS, this will help you.  It wasn't difficult to turn up, but I was frustrated with the lack of available documentation.

 

IOS Router Config. 

 

 

conf t

 

access-list 120 deny ip host 192.168.100.16 any

access-list 120 deny ip host <host you don't want filtered>  any

access-list 120 permit tcp 192.168.100.0 0.0.0.255 any eq www

access-list 120 permit tcp 192.168.100.0 0.0.0.255 any eq 443

access-list 120 deny ip any any

 

access-list 10 permit 192.168.100.16

 

ip wccp web-cache group-list 10

ip wccp 91 redirect-list 120

int fa1/0.4 (interface on the router closest to clients you're trying to proxy)

  ip wccp 91 redirect in

 

 

Troubleshooting your config

 

show access-list 120 (will show you the hit counts.  You can see if your ACL is even being used)

 

show ip wccp

 

Will show the status of packets dropped or redirected and the WCCP protocol version

Also the Router Identifier is the WCCP device you want to define in the Web Gateway.

 

Global WCCP information:

    Router information:

        Router Identifier:                   192.168.168.10

        Protocol Version:                    2.0

 

    Service Identifier: 91

        Number of Service Group Clients:     1

        Number of Service Group Routers:     1

        Total Packets s/w Redirected:        33842

          Process:                           1104

          CEF:                               32738

        Service mode:                        Open

        Service Access-list:                 -none-

        Total Packets Dropped Closed:        0

        Redirect Access-list:                120

        Total Packets Denied Redirect:       81

        Total Packets Unassigned:            6

        Group Access-list:                   -none-

        Total Messages Denied to Group:      0

        Total Authentication failures:       0

        Total Bypassed Packets Received:     0

 

 

show ip wccp 91 view (shows attached proxies)

 

show ip wccp 91 detail (show if proxy is usable)

WCCP Client information:

        WCCP Client ID:          192.168.100.16

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             L2

        Packet Return:           GRE

        Packets Redirected:      0

        Connect Time:            00:06:20

        Assignment:              MASK

 

 

        Mask  SrcAddr    DstAddr    SrcPort DstPort

        ----  -------    -------    ------- -------

        0000: 0x00000015 0x00000015 0x0000  0x0000

 

 

        Value SrcAddr    DstAddr    SrcPort DstPort CE-IP

        ----- -------    -------    ------- ------- -----

        0000: 0x00000000 0x00000000 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0001: 0x00000000 0x00000001 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0002: 0x00000000 0x00000004 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0003: 0x00000000 0x00000005 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0004: 0x00000000 0x00000010 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0005: 0x00000000 0x00000011 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0006: 0x00000000 0x00000014 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0007: 0x00000000 0x00000015 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0008: 0x00000001 0x00000000 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0009: 0x00000001 0x00000001 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0010: 0x00000001 0x00000004 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0011: 0x00000001 0x00000005 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0012: 0x00000001 0x00000010 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0013: 0x00000001 0x00000011 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0014: 0x00000001 0x00000014 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0015: 0x00000001 0x00000015 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0016: 0x00000004 0x00000000 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0017: 0x00000004 0x00000001 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0018: 0x00000004 0x00000004 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0019: 0x00000004 0x00000005 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0020: 0x00000004 0x00000010 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0021: 0x00000004 0x00000011 0x0000  0x0000  0xC0A86410 (192.168.100.16)

        0022: 0x00000004 0x00000014 0x0000  0x0000  0xC0A86410 (192.168.100.16)

 

 

also "debug ip wccp events" is a good troubleshooting command

More Like This

  • Retrieving data ...

Bookmarked By (0)