06-17-2012 06:26 PM
I am trying to setup WCCP on our 4507. For some reason I cannot get this to work! The config I have tried is below. I can't figure out what I'm doing wrong here!
ip wccp web-cache group-list IRONPORT-GROUPLIST
ip wccp source-interface GigabitEthernet2/24
!
Interface Vlan160
ip address 10.10.16.1 255.255.254.0
ip wccp web-cache redirect out
!
ip access-list IRONPORT-GROUPLIST
permit ip any host 10.11.1.10 (10.11.1.10 is the ironport proxy IP address)
On the ironport I setup web-cache under transparent redirection and provided the IP address I used to source from above (GigabitEthernet2/24). Here is the output I get on the 4507:
10CSW-LAN1#sh ip wccp web-cache
Global WCCP information:
Router information:
Router Identifier: 10.11.1.9
Configured source-interface: GigabitEthernet2/24
Protocol Version: 2.0
Service Identifier: web-cache
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets Redirected: 0
Process: 0
CEF: 0
Platform: 0
Service mode: Open
Service Access-list: -none-
Total Packets Dropped Closed: 0
Redirect access-list: -none-
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: IRONPORT_GROUPLIST
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total GRE Bypassed Packets Received: 0
Process: 0
CEF: 0
Platform: 0
Here is the debug output:
2w3d: WCCP-EVNT:Process: Start V2 (138)
2w3d: WCCP-EVNT:Successfully opened UDP socket
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:router-id set (initialise) 0.0.0.0 => 10.11.1.9
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: allocate wc orig mask info (540 bytes)
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:1
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updated transmit interval to: 10000
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updated timer scaling factors to: 1 and 1
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updating group methods
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updating group timers
2w3d: WCCP-EVNT:S0: no srvc grp mask data to validate
2w3d: WCCP-EVNT:S0: created adjacency interest, 10.11.1.10
2w3d: WCCP-EVNT:S0: nexthop update oce for wc 10.11.1.10, 0x0 -> 0x23C10CF0 IP adj out of GigabitEthernet2/24, addr 10.11.1.10 23C10C80
2w3d: WCCP-EVNT:S0: track nexthop for wc 10.11.1.10 (OK)
2w3d: %WCCP-5-SERVICEFOUND: Service web-cache acquired on WCCP client 10.11.1.10
10CSW-LAN1(config)#
2w3d: WCCP-PKT:S0: Received HIA from 10.11.1.10, rcv_id:1
2w3d: WCCP-EVNT:S0: Building new router view
2w3d: WCCP-EVNT:S0: deallocate rtr_view (24 bytes)
2w3d: WCCP-EVNT:S0: allocate mask rtr_view (572 bytes)
2w3d: WCCP-EVNT:S0: copy orig info (540 bytes)
2w3d: WCCP-EVNT:S0: Assignment wait timer restarted, delay 50000
2w3d: WCCP-EVNT:S0: Built new router view: 1 routers, 1 usable WCCP clients, change # 2
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:2
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: setting up wc mask assignments
2w3d: WCCP-EVNT:S0: allocate current assign info (540 bytes)
2w3d: WCCP-EVNT:S0: set wc current assign info (540 bytes)
2w3d: WCCP-EVNT:S0: RA from 10.11.1.10 (id: 10.11.1.10), assignment key set to 10.11.1.10,3
2w3d: WCCP-EVNT:S0: Building new router view
2w3d: WCCP-EVNT:S0: reuse rtr_view (44 of 572 bytes)
2w3d: WCCP-EVNT:S0: copy blank current info
2w3d: WCCP-EVNT:S0: Assignment wait timer stopped
2w3d: WCCP-EVNT:S0: Built new router view: 1 routers, 1 usable WCCP clients, change # 2
2w3d: WCCP-PKT:S0: Received RA from 10.11.1.10, rcv_id:2
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:3
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:4
10CSW-LAN1(config)#
2w3d: %SEC-6-IPACCESSLOGP: list IRONPORT_GROUPLIST permitted udp 10.11.1.10(0) -> 10.11.1.9(0), 5 packets
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:5
2w3d: WCCP-EVNT:Process: Start V2 (138)
2w3d: WCCP-EVNT:Successfully opened UDP socket
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:router-id set (initialise) 0.0.0.0 => 10.11.1.9
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: allocate wc orig mask info (540 bytes)
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:1
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updated transmit interval to: 10000
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updated timer scaling factors to: 1 and 1
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updating group methods
2w3d: WCCP-EVNT:S0: HIA from 10.11.1.10 updating group timers
2w3d: WCCP-EVNT:S0: no srvc grp mask data to validate
2w3d: WCCP-EVNT:S0: created adjacency interest, 10.11.1.10
2w3d: WCCP-EVNT:S0: nexthop update oce for wc 10.11.1.10, 0x0 -> 0x23C10CF0 IP adj out of GigabitEthernet2/24, addr 10.11.1.10 23C10C80
2w3d: WCCP-EVNT:S0: track nexthop for wc 10.11.1.10 (OK)
2w3d: %WCCP-5-SERVICEFOUND: Service web-cache acquired on WCCP client 10.11.1.10
10CSW-LAN1(config)#
2w3d: WCCP-PKT:S0: Received HIA from 10.11.1.10, rcv_id:1
2w3d: WCCP-EVNT:S0: Building new router view
2w3d: WCCP-EVNT:S0: deallocate rtr_view (24 bytes)
2w3d: WCCP-EVNT:S0: allocate mask rtr_view (572 bytes)
2w3d: WCCP-EVNT:S0: copy orig info (540 bytes)
2w3d: WCCP-EVNT:S0: Assignment wait timer restarted, delay 50000
2w3d: WCCP-EVNT:S0: Built new router view: 1 routers, 1 usable WCCP clients, change # 2
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:2
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: setting up wc mask assignments
2w3d: WCCP-EVNT:S0: allocate current assign info (540 bytes)
2w3d: WCCP-EVNT:S0: set wc current assign info (540 bytes)
2w3d: WCCP-EVNT:S0: RA from 10.11.1.10 (id: 10.11.1.10), assignment key set to 10.11.1.10,3
2w3d: WCCP-EVNT:S0: Building new router view
2w3d: WCCP-EVNT:S0: reuse rtr_view (44 of 572 bytes)
2w3d: WCCP-EVNT:S0: copy blank current info
2w3d: WCCP-EVNT:S0: Assignment wait timer stopped
2w3d: WCCP-EVNT:S0: Built new router view: 1 routers, 1 usable WCCP clients, change # 2
2w3d: WCCP-PKT:S0: Received RA from 10.11.1.10, rcv_id:2
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:3
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:4
10CSW-LAN1(config)#
2w3d: %SEC-6-IPACCESSLOGP: list IRONPORT_GROUPLIST permitted udp 10.11.1.10(0) -> 10.11.1.9(0), 5 packets
10CSW-LAN1(config)#
2w3d: WCCP-EVNT:S0: updating wc orig assign info
2w3d: WCCP-EVNT:S0: reuse wc orig mask info (540 bytes)
2w3d: WCCP-EVNT:S0: wc assignment validated
2w3d: WCCP-PKT:S0: Sending ISY to 10.11.1.10, rcv_id:5
06-18-2012 06:36 AM
I would recommend doing the following. Also feel free to call into the ironport support line. It is listed at the bottom of the page.
ip wccp 90 group-list IRONPORT-GROUPLIST <- Set the wccp service-number
ip wccp source-interface GigabitEthernet2/24
!
Interface Vlan160
ip address 10.10.16.1 255.255.254.0
ip wccp 90 redirect out <- Set the WCCP Service-number try to redirect inbound traffic
!
ip access-list IRONPORT-GROUPLIST
permit ip any host 10.11.1.10 (10.11.1.10 is the ironport proxy IP address)
Below is an example of how you should setup your ironport for a customer service number. Place the port numbers that you want to redirect.
Christian Rahl
Customer Support Engineer
Cisco IronPort - Web Security Appliances
Cisco Technical Assistance Center RTP
United States Ironport: 1-877-641-IRON (4766)
06-18-2012 03:41 PM
hi
I have the same setup, and it works.
--> sh ip wccp web-cache detail
are you using GRE or L2?
regards
Claudio
Sent from Cisco Technical Support iPad App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide