The ASA must be running minimum 7.2.1 code to be able to configure WCCP feature.
The only topology that the adaptive security appliance supports is when client and cache engine are behind the same interface of the adaptive security appliance and the cache engine can directly communicate with the client without going through the adaptive security appliance.
Router ID is chosen as the highest IP address configured on the ASA. If that happens to the DMZ interface or the outside interface IP address, then the WCCP server has to have a route to get to that Router-ID address pointing to the ASA's interface.
How wccp works
PC makes a request to a website.
ASA receives the request and re-directs it to the wccp server in an encapsulated GRE packet to avoid any modifycations to the original packet.
WCCP receives the packet and sends the response directly to the PC.
Step by Step Configuration
1. Configure an access-list containing all members of WCCP servers.
There is only one WCCP server in this example.
ASA(config)#access-list wccp-servers permit ip host 192.168.6.10 any
2. Create an access-list of the traffic that needs to be re-directed to WCCP
The access-list argument should consist of a string of no more than 64 characters (name or number) that specifies the access list. The access list should only contain network addresses. Port-specific entries are not supported.
ASA(config)#access-list wccp-traffic permit ip 192.168.6.0 255.255.255.0 any
For the last two days days, I've been getting this email from our ESA appliance. The Warning message is:The updater has been unable to communicate with the update server for at least 1h.Last message occurred 8 times between Thu May 28 21:25:22 2020 a...
HelloWe want to purchase firepower P/N:FPR9K-FTD-BUN with P/N:FPR9K-SM-56= as security module. I could find information about one and three security module in the firepower9300 data sheet but there isn’t information about two security modules.Do we have t...
Hi All,I have failover configured between two ASA 5515. I am a bit rusty with ASA..years since I played with one.Anyways, failover seems to be working ok. The only problem I have is that the failover unit keeps changing the name everytime I reboot the sec...
We are ESP and a little over two weeks ago we started seeing a sudden change in our ratings of several of our IPs at Talos. Some messages started to be returned with smtp;554 Your access to this mail system has been rejected due to the sending MTA's...
I would like to create guest users using Python script.
I have installed 3.8.3 Python and saved the .py file and run the execution using ERS SDK guide for ISE
However getting an error:-
GAGSING3-M-93JT:Desktop gagsing3$ python...