Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
185
Views
0
Helpful
1
Replies

WSA ICAP COMMUNICATION USING P1 INTERFACE

Alex2025
Spotlight
Spotlight

‎05-13-2026 05:53 AM

Hello Team,

I'm trying to configure an external DLP on WSA. I'm using the ICAP protocol to intercept traffic and send it to the DLP. The traffic is going through the management interface (M1) instead of the production port, even though I've set up specific routes. Is this normal? If not, how can I force ICAP traffic to the production interface?

Labels:
0 Helpful
1 Reply 1

amojarra
Cisco Employee
Cisco Employee

‎05-22-2026 06:30 AM

Hello @Alex2025 

if you have a separate routing table, lets say:

Management interface: 192.168.1.100/24 : Gateway : 192.168.1.1

P1 interface: 192.168.2.100/24 : Gateway :192.168.2.1

and the DLP server is 192.168.3.33

create an static route in Management routing table for your DLP server, and put the P1's Gateway there

Management Routing table

DLP_Static_Route: 192.168.3.33 -> 192.168.2.1

 

Regards,

Amirhossein Mojarrad

+++++++++++++++++++++++++++++++++++++++++++++++++++

++++     If you find this answer helpful, please rate it as such    ++++

+++++++++++++++++++++++++++++++++++++++++++++++++++

Regards,
Amirhossein Mojarrad
+++++++++++++++++++++++++++++++++++++++++++++++++++
++++ If you find this answer helpful, please rate it as such ++++
+++++++++++++++++++++++++++++++++++++++++++++++++++
0 Helpful
Customers Also Viewed These Support Documents