cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
805
Views
0
Helpful
1
Replies
Highlighted
Beginner

Can a virtual IP address be used in Cisco WSA?

I have been deployment a demo installation of the Cisco Ironport WSA for a client. Actually, without the Ironport, each /24 segment navigate to the Internet with a differente IP address directly through a firewall. The client wants to have that distinction also using the Ironport, but the Ironport makes all the connections to Internet using its own IP address.

Is there a way I can create different IP addresses on the Ironport and use a different IP address for each different IP segment? That is the way I think we can still make that distinction.

Also, just to check, the Ironport always use its own IP address to make the connection, right? or there is a way it can be used "as a bridge", thanks a lot!!

* I am using wccp in a 6509 for the deployment

Everyone's tags (6)
1 REPLY 1
Cisco Employee

Can a virtual IP address be used in Cisco WSA?

Hi Slizarraga,

By default, Ironport WSA will use its own IP address to connect to web servers. Under Security Services --> Web Proxy, we have option to enable "IP spoofing" which means that WSA will send out requests to web servers using clients IP addr as source addr.

In this case, please note that return traffic from web server to client will bypass WSA unless you have WCCP redirection configured to redirect this return traffic as well to WSA.

I hope this helps.

Thanks,

Chetan

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards
This widget could not be displayed.