08-21-2012 04:43 PM
I have a firewall with iptables, and my machines are behind it. I have the WSA configured in transparent mode on the same LAN as iptables. I wonder whether, if I forward all TCP/80 and TCP/443 traffic to the IronPort, I can make it work seamlessly. Is this possible? I did some testing in an isolated environment, but without success.
08-22-2012 01:20 PM
Hi Maiquel,
Are you running WCCP on a firewall for transparent redirection?
Sincerely,
Erik Kaiser
WSA CSE
WSA Cisco Forums Moderator
08-22-2012 05:16 PM
Hi Erik, thanks for the answer.
No, I just do the -j DNAT in Linux iptables to the WSA. Do I need to configure Linux for WCCP? Or do I need to have an L3 switch/router/ASA in the middle?
Thanks.
08-28-2012 05:12 AM
Hi Maiquel,
Forwarding (redirecting) the packet to the WSA via L2 is what the WSA User Guide specifies as L2 transparent mode. This should just work as expected. WCCP would be a different protocol which controls more the redirection progress and can be used also to failover. While "plain" L2 transparent forwarding doesn't have any reliability, WCCP will let you have troubleshooting/alerting when things go wrong.
However, in most cases you go with WCCP together with an IOS router.
-Stephan