Re: Configuring WCCP between PIX 7.2 and Bluecoat

r.carreras · ‎05-06-2007

Hello,

I have a PIX 7.2 and a new cache box ( Bluecoat ), I'd like to configure WCCP in order to redirect all web traffic to the cache box.

I have seen that WCCP must be configured at the same interface where the clients and the cache box are located. The cache box and the clients are located at the inside interface of PIX.

The PIX inside IP address is 172.16.2.2 / 16. I'd like to redirect internet web traffic from 172.16.x.x network to the cache box (172.16.1.230).

I have looked at the documentation but I have not been able to find how to configure the destination IP address ( cache box ) at PIX.

Please anybody have a sample configuration ??

Btw: Is there any workaround to bypass PIX limitation of running WCCP at the same interface where clients and cache box are located. I'd like to place the cache box at DMZ network.

Thanks a lot.

Ricard

vijayasankar · ‎05-06-2007

Hi,

Check this URL for more details on how WCCP works.

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/fun_c/fcprt3/fcd305.htm#1000909

The following sequence of events details how WCCPv2 configuration works:

1. Each cache engine is configured with a list of routers.

2. Each cache engine announces its presence and a list of all routers with which it has established communications. The routers reply with their view (list) of cache engines in the group.

3. Once the view is consistent across all cache engines in the cluster, one cache engine is designated as the lead and sets the policy that the routers need to deploy in redirecting packets

As stated in the document, you need to configure the inside ip address of your pix firewall in the bluecoat cache device.

To use WCCP in pix, we need to follow the guideline recommended by cisco.

As far as i know, there is no workaround available to break the way WCCP is implemented in PIX.

Hope this helps.

-VJ