Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2067
Views
0
Helpful
1
Replies

Redirecting traffic to Proxy from ASA

Janardhan Meesala
Level 1
Level 1

‎05-21-2011 05:31 AM - edited ‎03-11-2019 01:36 PM

Hi Gurus,

I have ASA 5505 with base license. I like to install proxy server in my network.

I configured below commands to forward my traffic to proxy server from my ASA.


access-list p-client extended permit tcp 10.91.40.0 255.255.255.0 any eq www
access-list p-server extended permit ip host 10.91.40.17 any               // 10.91.40.17 proxy server

wccp web-cache redirect-list p-client group-list p-server

wccp interface inside web-cache redirect in

wccp web-cache

After configuring i taken output as shown below.

CLOVE-HYD-ASA-5505# sh wccp web-cache

Global WCCP information:
    Router information:
        Router Identifier:                   -not yet determined-
        Protocol Version:                    2.0

    Service Identifier: web-cache
        Number of Cache Engines:             0
        Number of routers:                   0
        Total Packets Redirected:            0
        Redirect access-list:                p-client
        Total Connections Denied Redirect:   0
        Total Packets Unassigned:            0
        Group access-list:                   p-server
        Total Messages Denied to Group:      0
        Total Authentication failures:       0
        Total Bypassed Packets Received:     0
CLOVE-HYD-ASA-5505#


CLOVE-HYD-ASA-5505# sh wccp interfaces

WCCP interface configuration:
    Vlan1
        Output services: 0
        Input services:  1
        Mcast services:  0
        Exclude In:      FALSE
CLOVE-HYD-ASA-5505#

For your information, my proxy is squid server.

And help me, If there is any configuration that i need to configure.

And if possible send me the configuration guide to setup SQUID server. ( Actually it was set up by the 3rd party vendor)

Regards,

MJR

Labels:
0 Helpful
1 Reply 1

mirober2
Cisco Employee
Cisco Employee

‎05-24-2011 01:50 PM

Hi MJR,

This may not be related to your problem, but as a first step you should change your redirect-list to be the following instead:

access-list p-client extended permit ip 10.91.40.0 255.255.255.0 any

The ASA does not support the use of ports in the WCCP redirect-list.

The minimum Squid config required for the ASA to recognize the cache engine is:

wccp2_router
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method hash
wccp2_service standard 0

The Squid Cache Wiki has some configuration examples to reference:

http://wiki.squid-cache.org/FrontPage

There are some Cisco-specific examples that you can find by searching around the web.

Hope that helps.

-Mike

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card