- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 09:38 AM
Hello,
Currenty using WCCP with squid for content filtering. One of our sites we connect to needs to see the connection coming from our public IP address, not the proxy server IP. I've created a acl in squid for direct lookup, but the website gets angry with the X-Forwarder-Header squid attaches to each packet. Is there a way in a cisco ASA 5505 to bypass wccp for a specific public ip address or url?
Thanks in advance.
Solved! Go to Solution.
- Labels:
-
Application Networking
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 10:11 AM
No, redirect ACL is extended, so it can be both ways, see below my LAB
access-list 120; 2 elements
access-list 120 line 1 extended deny ip any host 72.163.4.161 log informational interval 300 (hitcnt=45) 0x0a8fd0a5
access-list 120 line 2 extended permit ip any any (hitcnt=0) 0x6f1c3702
Hope this solve your issue.
Ahsan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 09:46 AM
Hi,
You can use redirect-acl to define whcih traffic should / should not be redirected to WCCP Client. See below syntax
wccp web-cache redirect-list ACL_Name
Ahsan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 09:52 AM
Wouldn't that just be for internal traffic, ie machines on the lan to bypass WCCP all together? I still want all the machines on the lan using WCCP, but just want one website to not use wccp.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 10:11 AM
No, redirect ACL is extended, so it can be both ways, see below my LAB
access-list 120; 2 elements
access-list 120 line 1 extended deny ip any host 72.163.4.161 log informational interval 300 (hitcnt=45) 0x0a8fd0a5
access-list 120 line 2 extended permit ip any any (hitcnt=0) 0x6f1c3702
Hope this solve your issue.
Ahsan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-30-2011 10:27 AM
That did the trick!
Thanks!
