11-20-2017 10:12 AM - edited 02-21-2020 06:47 AM
Hello All,
Has anyone configured transparent WCCP redirection on Cisco FTD managed by FMC? I couldn't find any online referrals for this. Appreciate the expert help.
Thank you
Nimalraj
12-07-2017 05:32 AM
There is a flexconfig template for it as of release 6.2. I've not had any success with getting it to work just yet though.
I admit comprehension of the Velocity scripting language they use in the template is poor ...but the explanation of the template is even more poor. :)
01-09-2018 05:46 AM
Marvin, did you had any luck with WCCP in getting it to work?
01-09-2018 05:32 PM
No - I haven't had time to dig back into it. It's on my "to do list" though.
I'd be happy to learn from somebody else though.
01-12-2018 10:35 AM
This is what I ended up with for wccp in FlexConfig.
02-22-2018 04:28 PM
Hi,
Yes, I had configured the WCCP redirection on FTD 2100's using FMC in both transparent and non transparent modes. Just make sure one thing in any scenario, both web users and client(proxy server) have to be behind the same interface but not necessarily in the same network. rest of the wccp configuration on FTD is similar to ASA but using flexconfig.
04-24-2019 12:08 PM
I had the same problem. No enough documentation available online but here is what I did with a couple of 2130s.
I used the template and modified it with some information.
#set( $service = "web-cache")
#if( $isServiceIdentifier == "true") <--Changed this object from false to true
#set( $service = "$serviceIdentifier") <- Change this value to 90 o 91 depends of what port you need to filter 80 or 443
#end
#set ( $wccpCli = "wccp")
#set ( $wccpCli = "$wccpCli $service")
####wccpGroupList is place-holder for extended ACL.
####Replace wccpGroupList with extended ACL defined in FMC by inserting policy-object of type extended ACL.
#if( $wsas )
#set( $wccpCli = "$wccpCli group-list $wsas1") <- This is the ACL with the WSA IP running WCCP
#end
####wccpRedirectList is place-holder for extended ACL.
####Replace wccpRedirectList with extended ACL defined in FMC by inserting policy-object of type extended ACL.
#if( $Redirect_List )
#set( $wccpCli = "$wccpCli redirect-list $Redirect_List1") <-- This is the ACL with the redirection policies.
#end
$wccpCli
#### Assiging wccp onto interface
#foreach( $inside1 in $inside2) <- updated this inside interface in inside zone
wccp interface inside 90 redirect in <- This is clear text using the service ID you defined above (do not insert, just type it).
#end
05-13-2019 05:32 PM
Have any of you use WCCP on 6.3.0 release. We have 6.3.0 deployed with WCCP configuration but it is not working. I can see the config in the FTD when using the show commands but it is not sending any traffic to the WCCP appliance.
05-14-2019 06:25 PM
Hi James,
The configuration I posted few days ago is running in a FTD2130 with FXOS 2.4 and FTD 6.3.0.2. It is working like a champ.
06-13-2019 03:51 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide