ASA w WCCP redirecting to Squid on CentOS- TCP re-transmissions
Hello all... hoping somebody can help me here. Having a bear of a time getting WCCP redirection working for http clients using squid on CentOs as a proxy and a ASA as my firewall device. I've followed 10 or so articles to no avail. This one here seems concise enough and I followed it verbatim. Except for the iptables -t nat -A POSTROUTING -j MASQUERADE Line at the end...did not see that anywhere else and read it can cause issues with firewalls.
I have connectivity throughout the network. Squid is working and works fine if I point my browsers to it, clients can get out.... But just can't get the transparent redirect\intercept to work w WCCP.
I've attached a screen shot of a wire shark capture at the etho of the squid box. When requesting a website from a windows client (novell.com for example) I get a tcp packet from the ASA to the Proxy as it should, with the WCCP\GRE packet with the web request inside. After that it's a tcp out of order packet followed by a slew of TCP retransmits from the requesting client to the web site – with every other packet having the WCCP\GRE header.
I could certainly post my pertinent configs but I think they are solid as per the above article and all else I've researched.
Here's the basic topology:
ASA- inside- (also my WCCP ID)- 192.168.10.5
Squid proxy (3128)- 192.168.1.19 w a gre interface (wccp0) redirecting to port 3129
Windows client- 192.168.1.2
Cisco Adaptive Security Appliance Software Version 8.4(2) Squid V 3.4
Any help is appreciated- would love to get this to work ! Dennis
As of June 2020, the Cisco ISE pxGrid App for QRadar Ver 1.1.0 is officially Validated and released by IBM, available for download from IBM XFE. Access the link to download app here.
The Cisco ISE pxGrid App V1.1 supports Cisco Identity Se...
i have an ip that is part of our internal network, i configured route map on the core to redirect the traffic to the firewall for further inspection.i checked the firewall logs i can see the traffic is redirect to the firewall successfully. i could ping o...
Hi, 1)May I know wht it means when context visibility Status showing 'disconnected" and '(blank)'?Difference between 'disconnected" and '(blank)'. Since both devices also not connected.I found tht these devices are no longer connected to the swi...
Hi ,I would like to configure multiple public ip (same subnet) on outside interface of ASA.I want to use static NAT for specific purpose.For example i have 8 public IP and I want to use 1 is internet ,1 for VPN ,1 for DMZ server and all ip want to a...
Hi all, Is it a way to retrieve the IPS policies from our IPS Appliance or censor? I have tried to look for a way but I am not able to do so. May I knwo any way can retrieve the policies from the Appliance either from the Appliance itself o...