
ACNS, ICAP and Symantec

ronald.change
Level 1

Folks,

I'm running ACNS 5.4.1 on a CE-565.

All is well except ICAP for anti-virus which I just enabled the other day.

When I go to a website with a virus, such as EICAR.org, the Symantec box detects the virus; however, the user is never notified of the virus.

Instead of getting the configured virus alert message from the Symantec device, the user gets the "Page cannot be displayed" Internet Explorer message.

Here is my current config:

! ACNS version 5.4.1
!
device mode content-engine
!
!
hostname ContentEngine
!
http age-multiplier text 80 binary 90
http cache-cookies
tcp server-rw-timeout 180
http max-ttl days text 6 binary 14
http min-ttl 20
!
!
clock timezone US/Eastern -4 0
!
!
ip domain-name X.X
!
!
gui-server secure port XX
!
!
interface PortChannel 1
 ip address 10.252.60.10 255.255.255.0
 exit
!
!
interface GigabitEthernet 1/0
 channel-group 1
 exit
interface GigabitEthernet 2/0
 channel-group 1
 exit
!
!
ip default-gateway 10.252.60.1
!
wmt license-key installed
wmt accept-license-agreement
wmt enable
wmt live-url-stripping enable
!
!
no auto-register enable
!
rtsp server real-subscriber license-key installed
rtsp server real-subscriber accept-license-agreement
rtsp server real-subscriber enable
!
!
ip name-server X.X.X.X
!
!
logging facility local3
logging host X.X.X.X priority information
logging console priority debug
!
ntp server 10.252.111.2
!
bypass static any-client 10.101.254.1
no bypass load enable
bypass gateway 10.252.60.1
!
!
!
wccp router-list 1 10.252.60.1 10.252.60.2 10.252.60.3 10.252.60.4 10.252.60.5
wccp web-cache router-list-num 1 l2-redirect
wccp rtsp router-list-num 1 l2-redirect
wccp wmt router-list-num 1 l2-redirect
wccp ftp-native router-list-num 1
wccp wmt-rtspu router-list-num 1 l2-redirect
wccp https-cache accept-all
wccp https-cache router-list-num 1 l2-redirect
wccp version 2
!
!
icap apply all
icap logging enable
icap rescan-cache ISTag-change
icap service symantec-resp
 enable
 vector-point respmod-precache
 server icap://10.252.176.20/avscan
 exit
!
websense-server service policy local activate
websense-server service eim activate
websense-server service network-agent activate
!
!
websense-server enable
!
rtsp proxy media-real license-key installed
rtsp proxy media-real accept-license-agreement
rtsp proxy media-real enable
!
rtsp server cisco-streaming-engine enable
transaction-logs export ftp-server X.X.X.X cisco **** \updates
!
!
username X.X.X.X password 1 X.X.X.X
username X.X.X.X privilege 15
!
!
tacacs key ****
tacacs timeout 20
tacacs retransmit 1
tacacs host X.X.X.X primary
tacacs host X.X.X.X
!
!
authentication login local enable secondary
authentication login tacacs enable primary
authentication configuration local enable secondary
authentication configuration tacacs enable primary
!
!
sshd enable
!
!
url-filter http websense server local
url-filter http websense enable
!
!
mediafs-division wmt-cache-space 80 real-cache-space 20
!
!
banner login message "This is a private informatino system for authorized us
ly.\nUnauthorized use may result in disciplinary, civil, and criminal penalt
\nLOG OFF IMMEDIATELY IF YOU DO NOT AGREE TO THESE CONDITIONS.\n"
banner enable
!
!
bandwidth real-server 512 default
bandwidth real-server 1024 max-bandwidth
bandwidth real-proxy outgoing 512 default
bandwidth real-proxy outgoing 1024 max-bandwidth
bandwidth real-proxy incoming 512 default
bandwidth real-proxy incoming 1024 max-bandwidth
! End of ACNS configuration

Thanks,

Ron

1 Reply

Not applicable

Try doing the following and check if the Virus alert message appears.

1. Reconfigure ICAP and smartfilter, but disable dns cache.

2. Restore configuration with dns cache

3. Enable the virus and check if the alert message appears
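
For the symptom in the question (the scanner detects the test file but the browser never shows the alert), it helps to see exactly what the ICAP service at icap://10.252.176.20/avscan returns on the respmod-precache vector. The following is an added example, not part of the original thread and not Cisco or Symantec code: a small RFC 3507 reply parser, with hypothetical function names and constructed sample replies standing in for bytes captured between the Content Engine and the scanner.

```python
# Parse a raw ICAP RESPMOD reply (RFC 3507) to see what the scanner returned.
def parse_encapsulated(value):
    # 'res-hdr=0, res-body=51' -> {'res-hdr': 0, 'res-body': 51}
    return {k.strip(): int(v) for k, v in (p.split("=") for p in value.split(","))}

def dechunk(data):
    # Encapsulated bodies use HTTP chunked encoding; stop at the zero-size chunk.
    out, pos = b"", 0
    while True:
        eol = data.index(b"\r\n", pos)
        size = int(data[pos:eol].split(b";")[0], 16)  # ignore chunk extensions
        if size == 0:
            return out
        out += data[eol + 2:eol + 2 + size]
        pos = eol + 2 + size + 2  # skip the chunk data and its trailing CRLF

def parse_icap_response(raw):
    head, _, encap = raw.partition(b"\r\n\r\n")
    lines = head.decode("latin-1").split("\r\n")
    hdrs = {k.strip().lower(): v.strip() for k, v in (l.split(":", 1) for l in lines[1:])}
    res = {"icap_status": int(lines[0].split()[1]), "istag": hdrs.get("istag"),
           "http_status": None, "body": b""}
    off = parse_encapsulated(hdrs.get("encapsulated", "null-body=0"))
    if "res-hdr" in off:  # the scanner sent its own HTTP response headers
        end = off.get("res-body", off.get("null-body", len(encap)))
        res["http_status"] = int(encap[off["res-hdr"]:end].split()[1])
    if "res-body" in off:
        res["body"] = dechunk(encap[off["res-body"]:])
    return res

def verdict(res):
    if res["icap_status"] == 204:
        return "unmodified"  # nothing to change, original response passes through
    if res["icap_status"] == 200 and res["http_status"] is not None:
        return "replaced"    # scanner substituted a response, e.g. its alert page
    return "error"

# Constructed sample replies; the ISTag and alert text are made up for this example.
ALERT = b"<html><body>Virus found: access blocked</body></html>"
HTTP_HEAD = b"HTTP/1.1 403 Forbidden\r\nContent-Type: text/html\r\n\r\n"
SAMPLE_BLOCKED = (b'ICAP/1.0 200 OK\r\nISTag: "constructed-tag-1"\r\n'
                  b"Encapsulated: res-hdr=0, res-body=%d\r\n\r\n" % len(HTTP_HEAD)
                  + HTTP_HEAD + b"%x\r\n" % len(ALERT) + ALERT + b"\r\n0\r\n\r\n")
SAMPLE_CLEAN = b'ICAP/1.0 204 No Content\r\nISTag: "constructed-tag-1"\r\n\r\n'

if __name__ == "__main__":
    for name, raw in (("blocked", SAMPLE_BLOCKED), ("clean", SAMPLE_CLEAN)):
        r = parse_icap_response(raw)
        print(name, verdict(r), r["http_status"], r["body"][:40])
```

If a real reply for the test download parses as "replaced" with the alert text in the body, the scanner is returning its page and the place to look is how the Content Engine handles that replaced response.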
