Has anyone configured transparent WCCP redirection on Cisco FTD managed by FMC? I couldn't find any online referrals for this. Appreciate the expert help.
There is a flexconfig template for it as of release 6.2. I've not had any success with getting it to work just yet though.
I admit comprehension of the Velocity scripting language they use in the template is poor ...but the explanation of the template is even more poor. :)
No - I haven't had time to dig back into it. It's on my "to do list" though.
I'd be happy to learn from somebody else though.
This is what I ended up with for wccp in FlexConfig.
Yes, I had configured the WCCP redirection on FTD 2100's using FMC in both transparent and non transparent modes. Just make sure one thing in any scenario, both web users and client(proxy server) have to be behind the same interface but not necessarily in the same network. rest of the wccp configuration on FTD is similar to ASA but using flexconfig.
I had the same problem. No enough documentation available online but here is what I did with a couple of 2130s.
I used the template and modified it with some information.
#set( $service = "web-cache")
#if( $isServiceIdentifier == "true") <--Changed this object from false to true
#set( $service = "$serviceIdentifier") <- Change this value to 90 o 91 depends of what port you need to filter 80 or 443
#set ( $wccpCli = "wccp")
#set ( $wccpCli = "$wccpCli $service")
####wccpGroupList is place-holder for extended ACL.
####Replace wccpGroupList with extended ACL defined in FMC by inserting policy-object of type extended ACL.
#if( $wsas )
#set( $wccpCli = "$wccpCli group-list $wsas1") <- This is the ACL with the WSA IP running WCCP
####wccpRedirectList is place-holder for extended ACL.
####Replace wccpRedirectList with extended ACL defined in FMC by inserting policy-object of type extended ACL.
#if( $Redirect_List )
#set( $wccpCli = "$wccpCli redirect-list $Redirect_List1") <-- This is the ACL with the redirection policies.
#### Assiging wccp onto interface
#foreach( $inside1 in $inside2) <- updated this inside interface in inside zone
wccp interface inside 90 redirect in <- This is clear text using the service ID you defined above (do not insert, just type it).
Have any of you use WCCP on 6.3.0 release. We have 6.3.0 deployed with WCCP configuration but it is not working. I can see the config in the FTD when using the show commands but it is not sending any traffic to the WCCP appliance.
The configuration I posted few days ago is running in a FTD2130 with FXOS 2.4 and FTD 184.108.40.206. It is working like a champ.