09-29-2011 09:35 AM
Hello,
I have configured WCCP redirection on ASA for redirecting transparently http and https traffic.
I have configured a service ID 90 that contains 80 and 443 port. The ironport S160 has two interfaces, one for management and the other for data.
The interface used for data is on a different subnet that the inside interface of ASA where it is configured WCCP.
The problem is that the users that are in the same subnet with ironport data interface, their traffic gets redirected, while the traffic of the other users that are not in the same subnet with ironport data interface is not processed correctly from ironport and this users does not have internet access.
Any idea ?
BR,
Ilir
09-29-2011 10:07 AM
Ilir,
How is this second group of users connected to the ASA? Their outbound traffic has to be going out the "inside" interface also. If they are on another port on the ASA, WCCP won't catch their traffic. i.e. You can't use the DMZ interface on an ASA and point its web traffic at a WSA that lives inside.
Ken
09-30-2011 07:46 AM
Hello Ken,
Thank you for your reply first.
Yes, also the other users subnets have to be going out the inside interface also.
BR,
Ilir
10-19-2011 09:42 AM
Is the new subnet in the redirect ACL that WCCP is using?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide