Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1426
Views
0
Helpful
3
Replies

WCCP redirection in 3750 bad rcv id error

Ajay Dmello
Level 1
Level 1

‎08-31-2013 02:45 AM

I am attempting to sample a test deployment of WSA S170 with WCCP redirection using a CAT 3750-X.I have defined a custom service group as that of 91for redirecting HTTP and HTTPS traffic from my end user's subnets.I am repeatedly receiving an error as follows:-

WCCP-EVNT:D91: HIA from 12.12.12.12 with bad rcv_id:76/0

The CAT switch is running IOS 12.2(44)SE and the WSA is running an OS version of  7.1.3.Is it a bug on the provided version IDs/model number.Thank you in advance for your co-operation.

Yours sincerely,
Ajay D'mello       

Yours sincerely, Ajay D'mello
Labels:
0 Helpful
3 Replies 3

Erik Kaiser
Cisco Employee
Cisco Employee

‎09-02-2013 11:38 AM

Hi Ajay,

Please configure your WSAs Transparent Redirection Service to use mask, L2 forward and L2 return. This is located in the GUI of the WSA -> Network -> Transparent Redirection -> Click on your Service ID to edit the conifiguration -> Click on Advanced located on the lower left of the page in blue text. Submit and commit your changes. If this does not help please open a support case with Content Security Team.

Sincerely,

Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator

Sincerely, Erik Kaiser WSA CSE WSA Cisco Forums Moderator
0 Helpful

Ajay Dmello
Level 1
Level 1
In response to Erik Kaiser

‎10-12-2013 04:44 AM

I am sorry Kaiser but I tried the exact above method and did not solve the issue.Would love to accept any further input.

Yours sincerely,
Ajay D'mello

Yours sincerely, Ajay D'mello
0 Helpful

Vance Kwan
Cisco Employee
Cisco Employee
In response to Ajay Dmello

‎10-12-2013 11:12 AM

Ajay,

I've seen those errors before and they were typically resolved with an upgrade on the switch.

Can you also provide the output on the switch?  show run | include wccp

I don't believe there is a really clean answer to this.  You can take a look at the WCCP logs on the WSA by enabling the logging level to debug (for proxylog), then tailing it from the CLI.

You may also do a packet capture at the WSA and filter for 'udp port 2048' (no quotes) to see the WCCP packets to see if you can find anything wrong (look at the Here I Am and I See You packets).  But from the error you provided, I believe you will not see any I See You packets.

If you do not find anything obvious in those, I'd recommend you open up a TAC case.  To be quite honest, I think this is a switch issue.  But if you feel it is an error on the WSA's end, you can pursue that route as well.

-Vance

0 Helpful
Top