0 Replies Latest reply on Oct 21, 2013 5:00 PM by jebeling

    WCCP with Multiple Service IDs for Using Different Gateways or Clusters

    jebeling

      If you want to have a single router or switch that uses WCCP to two different web gateways or sets of web gateways you can do so with multiple services and redirect lists. This is useful when there is an existing web gateway already using WCCP and the desire is to test a new web gateway on the production network for a subset of clients without disturbing the bulk of the clients.

       

      The following example is for an existing service ID of 90 and a new service ID of 51, internal addresses all in 192.168.0.0/16, McAfee Web Gateway IP address of 192.168.0.222 and original web gateway at 192.168.0.221, you want clients matching 192.168.1.0/24 to use 51 and all other clients to keep using the service ID of 90. Note the first command which is required to properly check both services and access lists and the addition of the “denies” (of the new web gateway and the clients that will use the new service) directly before the permit in the original access list (wccplist1).

       

      ip wccp check services all

       

      ip wccp 90 redirect-list wccplist1     

      ip wccp 51 redirect-list wccplist2

       

      ip access-list extend wccplist1

      deny host 192.168.0.222

      deny host 192.168.0.221

      deny ip 192.168.1.0 0.0.0.255 any

      permit tcp 192.168.0.0 0.0.255.255 any eq www

      deny ip any any

       

      ip access-list extend wccplist2

      deny host 192.168.0.222

      deny host 192.168.0.221

      permit tcp 192.168.1.0 0.0.0.255 any eq www

      deny ip any any

       

      The above is an untested example, however a similar configuration has been tested and is operational on 15.0(1)M3, RELEASE SOFTWARE (fc2)

       

      If this or a similar configuration works for you, please comment below with your configuration and version used