Showing results for 
Search instead for 
Did you mean: 

Community Helping Community


WCCP redirection not working on Catalyst 4500


We are trying to implement WCCP in our network for LAN and VPN users. Here's a little info about our network:

- WCCP redirection is configured our cisco 4500, connected directly to the proxy server

- We have 2 VPN appliances for remote access, VPN#1 is cisco ASA 5525 (IPsec IKEv1 VPN), and VPN#2 is firewall from other vendor (SSL VPN)

- DHCP server for VPN users is in each respective firewall

We have successfully setup WCCP on our cisco 4500, here's the snippet configuration:

ip wccp 0 group-list 22 password XXX


interface gigabit ethernet 5/1

description PROXY_SERVER

no switchport

ip address


interface gigabit ethernet 5/2

description CONNECT_TO_LAN

no switchport

ip wccp 0 redirection in


interface gigabit ethernet 5/3

description CONNECT_TO_FW_VPN1 (ASA)

no switchport

ip wccp 0 redirection in


interface gigabit ethernet 5/4

description CONNECT_TO_FW_VPN2

no switchport

ip wccp 0 redirection in


access-list 22 permit


We have no issue in our proxy server configuration as for our LAN and VPN#2 users they can successfully browse the internet transparently after WCCP implementation. (WCCP redirection works)

but for our VPN#1 users, which are served by ASA, they're unable to browse the internet without explicit proxy configuration.

The same redirection is applied on those 3 links (LAN, VPN#1, and VPN#2) but why it is only not working on VPN#1? Please advise.

here's the snippet of our deployment showing our cat 4500 and ASA


- our other firewall (VPN#2) deployed in the same condition as ASA, where inside interface is in the same IP subnet as the VPN users.

- please dont go off topic and talk about solution such as split-tunneling, etc, we just want to focus about WCCP in this topic

Thank you


Everyone's tags (6)
CreatePlease to create content
Content for Community-Ad