WCCP not working fine.

Hi,

I have a WSA connected directly to a C6509. In this scenario the clients, a single WSA and Internet access are all on different VLANs.

On the 6500 I have configured:

ip wccp version 2

ip wccp 90

On the WSA, a WCCP group 90 has been created.

But WCCP does not seem to be working properly. The output on the 6500 is:

6509-Impsat#sh ip wccp 90 detail

WCCP Client information:

WCCP Client ID: 127.0.0.1

Protocol Version: 2.0

State: NOT Usable (Initializing)

Redirection: L2

Packet Return: L2

Packets Redirected: 0

Connect Time: 00:00:09

Assignment: MASK

6509-Impsat#sh ip wccp 90 view

WCCP Routers Informed of:

-none-

WCCP Clients Visible:

10.1.200.1 -----> IP IronPort

WCCP Clients NOT Visible:

-none-

I still haven't applied interface redirection on the 6500.

What could be the problem?

Regards and thanks.

Jaime


Tery Le Febvere
Cisco Employee

Hi Jaime,

My name is Tery and I am with the Cisco IronPort Support Web team. I will be happy to help you figure out why WCCP is NOT in a usable state.

The first thing I notice is that WCCP is recognizing the WSA as a loopback address. Did you add the redirect in statement?

Can you paste the WCCP configuration?

Thanks,

Tery

Here are the examples for WCCP in a 6500.

Example 1:

ip wccp web-cache redirect-list 110 password umgov
interface Vlan110
  ip address 10.8.86.254 255.255.255.0
  ip wccp web-cache redirect out
access-list 110 deny   ip any 192.168.90.0 0.0.0.255
access-list 110 deny   ip 202.185.113.0 0.0.0.255 any
access-list 110 permit ip any any

The password above is optional.

Example 2:

ip wccp web-cache redirect-list IRONPORT group-list 15
ip access-list extended IRONPORT
  permit tcp 10.1.15.0 0.0.0.255 any eq www
access-list 15 permit 10.1.15.10
interface Vlan15
  ip wccp web-cache redirect in

Example 3:

This is all on a 6500 running IOS 12.2
Overview:
All traffic on VLAN 11, which is 172.22.11.0/24, is to be sent to Ironport to filter. 
This example filters all traffic on that subnet, no exception.


!!! below turns on wccp with service ID of 90
ip wccp 90
!
!!! below is the VLAN interface of the VLAN/Subnet that we want to filter
interface Vlan11
  ip address 172.22.11.1 255.255.255.0
  ip wccp 90 redirect in
!
!!! below is the access-list that identifies traffic to be redirected
!this says anything to 192.168.0.0/16 will not be redirected
!this says anything on 172.22.11.0/24 will be redirected
!
ip access-list extended IRONPORT
  deny tcp any 192.168.0.0 0.0.255.255
  permit tcp 172.22.11.0 0.0.0.255 any eq www
!
!!! below says to redirect traffic based on the named ACL
ip wccp 90 redirect-list IRONPORT


The difference between example 1 and example 2 is that example 1 redirects traffic on the interface to Internet (redirect out) and example 2 redirects traffic on the interface of the client network (redirect in).

The below link explains Cisco WCCP commands:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122sup/122csum/csum1/122csfun/fsf018.htm

Hope this helps!

Thanks,

Tery

Hi Jaime,

Yes I believe the redirect in statement is the only thing missing here.

Thanks,

Tery

Thanks Tery,

I'm going to test with interface redirection.

For example, I want to apply redirection to only one IP (10.10.10.2). The configuration on the 6500 would be:

(config)#access-list IRONPORT extended permit ip host 10.10.10.2 any

(config)#ip wccp version 2

(config)#ip wccp 90 redirect-list IRONPORT

(config)#interface vlan 215

(config-if)#ip wccp 90 redirect in

Is it correct?

Thanks again,

Jaime.

Hi,

You're missing this statement:

permit tcp 10.10.10.0 0.0.0.255 any eq www < Are you re-directing just port 80 or all ports?

Thanks,

Tery

Hi Tery,

I want to redirect ports 80 and 443.

Regards,

Jaime.

Hi Tery,

I have applied the following configuration in 6500:

ip access-list extended IRONPORT

permit tcp host 10.1.3.44 any eq www

ip wccp version 2

ip wccp 90 redirect-list IRONPORT

interface Vlan215

ip address 10.100.0.1 255.255.255.0

ip wccp 90 redirect in

Now, WCCP is working fine:

6509-Impsat#sh ip wccp 90 detail

WCCP Client information:

        WCCP Client ID:          10.1.200.1

        Protocol Version:        2.0

        State:                   Usable

        Redirection:             L2

        Packet Return:           L2

        Packets Redirected:    0

        Connect Time:          00:15:13

        Assignment:            MASK

But traffic from IP 10.1.3.44 isn't redirected to the IronPort.

6509-Impsat#sh ip wccp interfaces counts

WCCP interface counts:

    Vlan215

        Output packets redirected

            Process: 0

            CEF:     0

        Input packets redirected

            Process: 0

            CEF:     0

I would appreciate your help.

Thanks,

Jaime.
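
The two `sh ip wccp 90 detail` outputs pasted in this thread, run through a small checker for the conditions discussed here (loopback client ID, non-usable state, usable but nothing redirected). This is an added example, not code from any poster or from Cisco; the function names and the wording of the findings are this example's own.

```python
import ipaddress
import re
# Output pasted in the thread: the first post, then the later "Usable" post.
BEFORE = """\
WCCP Client information:
WCCP Client ID: 127.0.0.1
Protocol Version: 2.0
State: NOT Usable (Initializing)
Redirection: L2
Packet Return: L2
Packets Redirected: 0
Connect Time: 00:00:09
Assignment: MASK
"""
AFTER = """\
WCCP Client information:
        WCCP Client ID:          10.1.200.1
        Protocol Version:        2.0
        State:                   Usable
        Redirection:             L2
        Packet Return:           L2
        Packets Redirected:    0
        Connect Time:          00:15:13
        Assignment:            MASK
"""
FIELD = re.compile(r"^\s*([A-Za-z ]+?):[ \t]+(\S.*?)\s*$", re.M)

def parse_clients(text):
    """Return one dict of fields per client; a 'WCCP Client ID' line starts a client."""
    clients = []
    for key, value in FIELD.findall(text):
        if key == "WCCP Client ID":
            clients.append({})
        if clients:
            clients[-1][key] = value
    return clients

def findings(text):
    """Flag the conditions discussed in the thread (wording is this example's own)."""
    out = []
    for c in parse_clients(text):
        cid = c["WCCP Client ID"]
        if ipaddress.ip_address(cid).is_loopback:
            out.append(f"{cid}: client ID is a loopback address")
        if c.get("State") != "Usable":
            out.append(f"{cid}: state is {c.get('State')}")
        elif int(c.get("Packets Redirected", "0")) == 0:
            out.append(f"{cid}: usable but 0 packets redirected")
    return out
```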

Hi Tery,

The configuration in 6500 is:

ip wccp version 2

ip wccp 90

I am going to apply redirection to VLAN 215, but I still have not done it.

Thanks!

Jaime.

Hi,

My name is Rajnish and I am also suffering from the same problem.

Have you got any solution for this?

If you have any idea then please assist me.
