Buy or Renew
Buy or Renew
Cisco Community present at Cisco Live EMEA 2023. See you in Amsterdam! Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2509
Views
0
Helpful
2
Replies

Transparent Deployment Using Layer 4 Switch

richard.bumanlag
Beginner
Beginner

‎01-29-2012 07:57 AM

Hi,

Just want to ask how to deploy WSA Ironport on transparent mode on layer 4 Switch.

I believe it is just deployed by choosing Layer 4 on Transparent Redirection on WSA Ironport.

But the question is, what will I need to configure to my Layer 4 switch for it to redirect traffic to WSA?

I'm trying to connect it to a hp procurve layer 4 switch to use transparent redirection.

Can someone clarify how to deploy it?

Thanks

Labels:
0 Helpful
2 Replies 2

Ken Stieers
VIP Advisor VIP Advisor
VIP Advisor

‎01-29-2012 05:20 PM

Make sure your swtich can do it:

http://h30499.www3.hp.com/t5/Switches-Hubs-Modems-Legacy-ITRC/HP-Procurve-2626-Policy-based-routing/td-p/5421071

I did some digging and didn't find any decent docs on setting it up... but if you take your drawing from the L4TM question you posted, you want to set up a policy that for the "security vlan" so that all IP traffic on the web ports you want to monitor (80, 443, plus others you might want) gets sent to the IP of the WSAProxy

Here's a bit I lifted from a post on HP's site:

http://bizsupport2.austin.hp.com/bc/docs/support/S​upportManual/c03015541/c03015541.pdf

You'll want to have a look through Chapter 8 for the configuration. You've got to basically configure a traffic class, configure policies for it, and then apply it (in this case) to each of the VLANs you want it for.

What kind of firewall are you using?  If its a Cisco ASA, it would actually be simpler to do WCCP to the WSA...

0 Helpful

richard.bumanlag
Beginner
Beginner
In response to Ken Stieers

‎01-29-2012 05:30 PM

Thanks for the Reply,

The firewall that I'm using does not support WCCP.

That is why I'm considering the Layer 4 Redirection.

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers
Spotlight Award Nomination
Customers Also Viewed These Support Documents