02-07-2004 06:09 AM
Hello,
A CE-&7305 with a Gigabit interface is connected to a 10/100 ethernet port of a 2950G-24 switch.
Also a router 2620 with a FE port is connected to another port of the same switch .
The router and the CE are behind a PIX firewall and the privat ip of the CE is included into the NATing pool for the inside interface.
The CE is using a DNS outside the firewall.
all the basic configuration to use transparent web caching and to redirect the traffic from the router to the CE are done and i verified that from the router and the content engine.
When i disconnect the outside interface of the firewall to check accessing the pages fromthe CE wich connected to the inside interface of the firewall , i could not access any page.
So is the mismatch bet. the Gigabit interface of the CE and the other interfaces of both the 2950 switch and the 2620 router is the reason or not
Regards
02-08-2004 12:34 AM
HI,
if I understood you right you are disconnecting your link towards the internet behind the firewall and everything else stay up? Further on I suppose that you checked that the CE is doing its job , intercepting the HTTP-Traffic and doing a proper transparent caching job.
In this case I think this is normal behaviour of a Cache (in this case the CE) because the cache can not check if the page is realy up to date which it is doing with an IfModifiedSinceMssage (IMS) towards the origin server. I didn't see any possibility so far to avoid this behaviour so that the CE is responding with the "possibly old and wrong" pages.
In regards of the mismatch of the link-types: The CE supports 10/100/1000 so if the link is up without any errors you won't have to worry about this.
regrads,
Joerg
02-08-2004 07:33 AM
Hi Joerg,
I usually disconnect the link which connects the firewall's outside interface to the internet.
Regarding the IMS, i should access the web pages from the CE because they don't exceed the expiration date to revalidate so i don't know a definite reason for that.
Also as the output of show cfs statistics, i noticed that there are alot of bytes are written and read and as the output of show statistics http savings, i noticed that the no. of hits are increasing.
It means that there are web pages are chached in the CE but i could not browse them.
Regards
03-24-2004 11:10 PM
Hello,
i have CE-7305 which is connected to a router behind a PIX firewall 525, i have configured this CE as a proxy server and it will forward the traffic tro upstream proxy on the outside interface of the router. but i found that the outgoing proxy ports are failed on all the upstream proxies and i could not use the URL filtering capability of those servers .
the configuration as follows :
http proxy incoming 8080 80
http proxy outgoing host proxy1.emirates.net.ae primary
http proxy outgoing monitor 120
no http proxy outgoing connection-timeout
and on the firewall, i configured a static command between the ip address of the CE and a public ip address and i did sh xlate command i ensured that it is working. also i configured access-list command to permit ip host CE-ip-address any and it has been applied to the inside interface of the firewall.
So really i don't know what is the reason for that problem.
thank you.
03-24-2004 11:16 PM
Sorry, i forgot to refer to the outgoing proxy port which is 8080.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide