Cisco Community
English
Register
Announcing the Project Gallery! Click here to read community member deployment stories and share your projects!
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
1969
Views
4
Helpful
3
Replies
Highlighted
David.Pellat
Beginner
Beginner
‎05-20-2012 05:55 PM
‎05-20-2012 05:55 PM

WCCP on 6500 with Squid Proxy

                   Hi,

I have been tasked to setup a Transparent Squid proxy and do redirection on  a Cisco 6513 Switch.

I don't have access to the SQUID but think that my config below should be OK. We have setup a TEST user Vlan 13 . Any traffic from this destined for the we on 80 or 443 should be redirected.

Vlan 10 is where the Squid proxy is sitting.

ip wccp version 2
ip wccp web-cache group-list 10 password xxxxxxx - Limit the servers that can operate WCCP with the switch.
!
access-list 10 remark WCCP_SQUID_PROXY
access-list 10 permit host 10.20.10.50 (Squid Server)

!
ip wccp web-cache accelerated  - Enables the hardware acceleration on PFC cards
!
ip access-list extended WCCP_REDIRECT  -
permit tcp 10.20.13.0 0.0.0.255 any eq www
permit tcp 10.20.13.0 0.0.0.255 any eq 443
deny ip any any
!

ip wccp redirect-list WCCP_REDIRECT
!
interface vlan 13
desc TEST_USER_FOR_SQUID
10.20.13.1 255.255.255.0

!
ip wccp web-cache redirect in (Coming into vlan from internal subnet for any on TCP 80 and 443 gets redirected)
!

interface vlan 10
dest SQUID_SUBNET
10.20.10.1 255.255.255.0

Please can you let me know if there is anyting that i am missing? Thanks

David

Labels:
Everyone's tags (4)
0 Helpful
Reply
3 REPLIES 3
Highlighted
Giuseppe Larosa
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
‎05-21-2012 02:47 AM
‎05-21-2012 02:47 AM

WCCP on 6500 with Squid Proxy

Hello David,

WCCP should need a L3 point of application for example in your case for the testing phase I would add

interface vlan13

ip wccp web-cache redirect-in

see

http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf018_ps1835_TSD_Products_Configuration_Guide_Chapter.html#wp1001302

in alternative the redirect out can be used on the interface towards internet.

Hope to help

Giuseppe

Reply
Highlighted
David.Pellat
Beginner
Beginner
‎05-21-2012 11:36 PM
‎05-21-2012 11:36 PM

WCCP on 6500 with Squid Proxy

Hi Giuseppe,

I had added this in above?  Only traffic from the vlan 13 configured in ACL WCCP_REDIRECT  will redirect to the SQUID.

By using "ip wccp web-cache accelerated" this should enable the wccp in hardware?

By Using |ip wccp web-cache group-list 10 password xxxxxxx" restricts on the server defined in the ACL to connect to the router for wccp.

I think I have the bases covered?

Thansk

0 Helpful
Reply
Highlighted
Giuseppe Larosa
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
‎05-22-2012 01:06 AM
‎05-22-2012 01:06 AM

WCCP on 6500 with Squid Proxy

Hello David,

I agree your configuration should be fine.

according to documentation

ip wccp web-cache group-list 10  restricts with what caches the router will peer using WCCP protocol

>> By using "ip wccp web-cache accelerated" this should enable the wccp in hardware?

I'm not sure on this it should do it.

Hope to help

Giuseppe

0 Helpful
Reply
Latest Contents
Identify traffic flowing through the IPSec Tunnel
Created by techjoe.2 on 08-07-2020 10:25 PM
0
0
0
0
Hi Everyone,I have 2 queries1. After we configure the IPSec VPN in a Cisco Router, how do we identify and check that the traffic is flowing        through the tunnel? Are there any commands and ways to find it out?2. What are some of t... view more
S7|E29 Increase Visibility and Enhance Security with Cisco A...
Created by aalesna on 08-04-2020 10:18 AM
0
0
0
0
Cisco Champion Radio · S7|E29 Increase Visibility and Enhance Security with Cisco AI Endpoint Analytics   Cisco is on a journey to making networking smarter with artificial intelligence and machine learning. The latest stop in this journey, Cisco AI... view more
Integrating Cisco SDWAN with AWS TGW and Azure Virtual WAN
Created by Harish Balakrishnan on 08-04-2020 04:53 AM
0
10
0
10
 This document covers the Cisco SDWAN integration with Azure Virtual WAN and AWS Transit gateway Integrating Cisco SDWAN with AWS TGW and Azure Virtual WAN
Community Live video- Introduction to Smart Licensing on Cat...
Created by ciscomoderator on 07-31-2020 07:48 AM
0
0
0
0
Community Live video- Introduction to Smart Licensing on Catalyst Switches (Live event - formerly known as Webcast-  Thursday 30 July, 2020 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris) This event had place on Thursday 30th, July 2020 at 10hrs PDT&nb... view more
Ask Me Anything event- Introduction to Smart Licensing on Ca...
Created by ciscomoderator on 07-29-2020 10:33 PM
0
0
0
0
To   participate   in this event, please use the   button   to ask your questions This topic is a chance to clarify your questions about smart licensing on Cisco Catalyst switches, including 9000 (9200, 93... view more
Content for Community-Ad