Cisco Community
English
Register
The War in Ukraine - Supporting customers, partners and communities. LEARN MORE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
2034
Views
4
Helpful
3
Replies
David.Pellat
Beginner
Beginner
‎05-20-2012 05:55 PM
‎05-20-2012 05:55 PM

WCCP on 6500 with Squid Proxy

                   Hi,

I have been tasked to setup a Transparent Squid proxy and do redirection on  a Cisco 6513 Switch.

I don't have access to the SQUID but think that my config below should be OK. We have setup a TEST user Vlan 13 . Any traffic from this destined for the we on 80 or 443 should be redirected.

Vlan 10 is where the Squid proxy is sitting.

ip wccp version 2
ip wccp web-cache group-list 10 password xxxxxxx - Limit the servers that can operate WCCP with the switch.
!
access-list 10 remark WCCP_SQUID_PROXY
access-list 10 permit host 10.20.10.50 (Squid Server)

!
ip wccp web-cache accelerated  - Enables the hardware acceleration on PFC cards
!
ip access-list extended WCCP_REDIRECT  -
permit tcp 10.20.13.0 0.0.0.255 any eq www
permit tcp 10.20.13.0 0.0.0.255 any eq 443
deny ip any any
!

ip wccp redirect-list WCCP_REDIRECT
!
interface vlan 13
desc TEST_USER_FOR_SQUID
10.20.13.1 255.255.255.0

!
ip wccp web-cache redirect in (Coming into vlan from internal subnet for any on TCP 80 and 443 gets redirected)
!

interface vlan 10
dest SQUID_SUBNET
10.20.10.1 255.255.255.0

Please can you let me know if there is anyting that i am missing? Thanks

David

Labels:
0 Helpful
3 REPLIES 3
Giuseppe Larosa
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
‎05-21-2012 02:47 AM
‎05-21-2012 02:47 AM

Hello David,

WCCP should need a L3 point of application for example in your case for the testing phase I would add

interface vlan13

ip wccp web-cache redirect-in

see

http://www.cisco.com/en/US/docs/ios/12_2/configfun/configuration/guide/fcf018_ps1835_TSD_Products_Configuration_Guide_Chapter.html#wp1001302

in alternative the redirect out can be used on the interface towards internet.

Hope to help

Giuseppe

David.Pellat
Beginner
Beginner
In response to Giuseppe Larosa
‎05-21-2012 11:36 PM
‎05-21-2012 11:36 PM

Hi Giuseppe,

I had added this in above?  Only traffic from the vlan 13 configured in ACL WCCP_REDIRECT  will redirect to the SQUID.

By using "ip wccp web-cache accelerated" this should enable the wccp in hardware?

By Using |ip wccp web-cache group-list 10 password xxxxxxx" restricts on the server defined in the ACL to connect to the router for wccp.

I think I have the bases covered?

Thansk

0 Helpful
Giuseppe Larosa
Hall of Fame Master Hall of Fame Master
Hall of Fame Master
In response to David.Pellat
‎05-22-2012 01:06 AM
‎05-22-2012 01:06 AM

Hello David,

I agree your configuration should be fine.

according to documentation

ip wccp web-cache group-list 10  restricts with what caches the router will peer using WCCP protocol

>> By using "ip wccp web-cache accelerated" this should enable the wccp in hardware?

I'm not sure on this it should do it.

Hope to help

Giuseppe

0 Helpful
Latest Contents
OSPF The Ultimate CCIE Enterprise and Infrastructure Exam av...
Created by Meddane on 05-25-2022 11:03 AM
0
0
0
0
After my first publication of the book OSPF Demystified With RFC in 2014 which goes beyond the CCIE level which explores OSPF from the RFC's perspective. Since one year I had the idea : why not write a book for CCIE Enterprise and Infrastructure to be an ... view more
Upgrade Cisco DNA Center
Created by mclymer on 05-18-2022 12:20 PM
0
0
0
0
Learn more about Cisco DNA Center, Version 2.2.3.4
5-minute Cisco Survey – Enter Gift Card Giveaway!
Created by Robert Murphy on 05-18-2022 11:30 AM
1
10
1
10
Do you use Cisco DNA Center? Have you used and are you willing to provide your feedback in using the Cisco DNA Center help and documentation? If so, we’d like you to complete the survey linked below. Your feedback will help provide more effective and easi... view more
OSPF for CCIE Enterprise and Infrastructure Exam
Created by Meddane on 05-13-2022 02:24 AM
0
0
0
0
The ultimate is coming.  
Cisco Champion Radio: S9|E18 CC Unfiltered: Becoming an Expe...
Created by Amilee San Juan on 05-11-2022 12:57 PM
1
0
1
0
Listen: https://smarturl.it/CCRS9E18Follow us: https://twitter.com/CiscoChampion Reaching the height of your career is no simple feat. It often requires a combination of pursuing the right education, building the right professional network and being ... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Related support document topics
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad