https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274672#M4102 <HTML><HEAD></HEAD><BODY><P>Hi Gilles</P><P>Thanks for the response. I still think the proxy requests are also being redirected by wccp. The clients browser is basically pointing to another proxy not the content engine. At the router these packets are redirected to the CE by WCCP.</P><P></P><P>On question 2 the version of the software is ACNS Release 4.2.3 (build b4 Oct 24 2002). However I think I might be missing something in my config because it never seems to execute the ssl bit of the login.</P><P></P><P>Thanks</P><P></P><P></P></BODY></HTML> Wed, 17 Mar 2004 07:22:22 GMT nambale 2004-03-17T07:22:22Z https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274670#M4100 <P>Hi I am trying to use a cisco cache engine module </P><P>in a 2611 with wccp and client IP spoofing enabled. Everything seems to work fine apart from </P><P>1. Proxy protocol redirected packets always appear to be coming from the cache engine rather than from the client IP ie the IP spoofing is not working for the proxy redirects. </P><P>2.Websites with authentication do not work when a client with another proxy configured rather than the cache engine is redirected by wccp to the cache engine.</P><P></P><P>The basic config is below:</P><P></P><P>Router:</P><P>ip wccp web-cache</P><P>ip wccp 95</P><P>ip wccp 98</P><P>interface FastEthernet0/0</P><P> description interface to Internet</P><P> ip address 192.168.27.9 255.255.255.0</P><P> no ip redirects</P><P> ip wccp web-cache redirect out</P><P> ip wccp 98 redirect out</P><P></P><P>interface FastEthernet0/1</P><P> description intreface to internal network</P><P> ip address 192.168.160.1 255.255.255.0</P><P> ip wccp 95 redirect out</P><P></P><P>interface Content-Engine1/0</P><P> ip address 192.168.158.1 255.255.255.0</P><P> ip wccp redirect exclude in</P><P>service-module external ip address 192.168.159.1 255.255.255.0</P><P> service-module ip address 192.168.158.2 255.255.255.0</P><P> service-module ip default-gateway 192.168.158.1</P><P> </P><P>On the cache engine:</P><P></P><P>http proxy incoming 8080</P><P>ftp proxy incoming 8080</P><P>https proxy incoming 8080</P><P>!</P><P>!</P><P>wccp router-list 1 192.168.160.1</P><P>wccp port-list 1 80 8080</P><P>wccp web-cache router-list-num 1</P><P>wccp custom-web-cache router-list-num 1 port 8080</P><P></P><P>wccp service-number 95 router-list-num 1 port-list-num 1 application cache hash-source-ip match-source-port</P><P></P><P>wccp version 2</P><P>wccp spoof-client-ip enable</P><P>!</P><P>proxy-protocol transparent default-server</P><P></P><P>Thanks</P><P></P> Tue, 16 Mar 2004 14:47:21 GMT https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274670#M4100 nambale 2004-03-16T14:47:21Z https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274671#M4101 <HTML><HEAD></HEAD><BODY><P>question 1 is normal.</P><P>Only WCCP redirected traffic will be spoofed.</P><P>I don't think you can change this.</P><P></P><P>question 2 is tricky.</P><P>By default the CE does not cache authenticated website.</P><P>What ACNS software version do you run ?</P><P></P><P>Gilles.</P></BODY></HTML> Tue, 16 Mar 2004 15:57:48 GMT https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274671#M4101 Gilles Dufour 2004-03-16T15:57:48Z https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274672#M4102 <HTML><HEAD></HEAD><BODY><P>Hi Gilles</P><P>Thanks for the response. I still think the proxy requests are also being redirected by wccp. The clients browser is basically pointing to another proxy not the content engine. At the router these packets are redirected to the CE by WCCP.</P><P></P><P>On question 2 the version of the software is ACNS Release 4.2.3 (build b4 Oct 24 2002). However I think I might be missing something in my config because it never seems to execute the ssl bit of the login.</P><P></P><P>Thanks</P><P></P><P></P></BODY></HTML> Wed, 17 Mar 2004 07:22:22 GMT https://community.cisco.com/t5/application-networking/ip-spoofing/m-p/274672#M4102 nambale 2004-03-17T07:22:22Z