01-31-2014 06:20 AM
Hello everyone
First time writing in the support community. So exiting!!!!
I am trying to have a transparent WSA (7.5) with a CAT6509 SXF7 WCCP. between them there is a Firewall/router. so I built the WCCP with GRE/L3.
so far so good. WCCP GRE tunnel is there.
However cannot surf the internet.
After much troubleshooting (wireshark mainly) I believe I know where the problem is.
Client want to surf the Internet (http)
Client sends a SYN request to the IP of the website (after resolving DNS)
CAT6500 tunnels the request with GRE to WSA
WSA receives request and sends to SYN packet to the webpage.
Webpage sends a SYN ACK to WSA (no spoofing)
PROBLEM: WSA then sends the SYN ACK without GRE to client with in turn does not go through the FW
Client does not receive SYN ACK, sends another SYN and then another until he gives up.
Question: How can I force the WSA to return traffic through the GRE tunnel.
I already chose return method as "alloow GRE only" under WCCPv2 Service
So look forward to receive some help