WCCP with HTTPS

Unanswered Question
Mar 12th, 2007
User Badges:

I'm trying to configure WCCP between Cisco Cat4507 & bluecoat , it is working fine for HTTP but not for HTTPS . The following is my configuration


BlueCoat :


wccp enable

wccp version 2

service-group web-cache

forwarding-type L2

assignment-type mask

mask-scheme destination-ip

interface 0:0

home-router X.X.X.X

end



Cat4507 :


ip wccp web-cache


interface Vlan18

ip address X.X.X.X X.X.X.X

ip helper-address X.X.X.X

ip wccp web-cache group-listen

no ip route-cache cefend


interface Vlan51

ip address X.X.X.X X.X.X.X

ip helper-address X.X.X.X

ip wccp web-cache redirect in

no ip route-cache cef

no ip route-cacheend

Is it related to the service-group ?


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Syed Iftekhar Ahmed Mon, 03/12/2007 - 23:52
User Badges:
  • Blue, 1500 points or more

You need to enable Https cache service (service 70).This service permits WCCP Version 2 enabled devices to redirect HTTPS traffic to CEs.


(config)# ip wccp 70 <-- To turn on service 70


(config)# int

(config-if)# ip wccp 70 redirect {in|out}

katab Tue, 03/13/2007 - 03:20
User Badges:

Iftekhar,


Thanks for your replay .


Do I need to use the following command


* ip wccp 70 group-listen under the interface link to the BlueCoat , if yes


How can i enable several service group in bluecoat ?



Thanks



Syed Iftekhar Ahmed Tue, 03/13/2007 - 17:04
User Badges:
  • Blue, 1500 points or more

I am not familiar with bluecoat.Probably you should try forums on their website :).


Just to clear things up


On WCCP capable routers/switches you need to configure different services to redirect different traffic.


For example

(Web = service 0 also called web-cache)

(SSL - Service 70) (DNS Service 53) (Reverse proxy - Service 99) (FTP native - service 60) etc..


"ip wccp web-cache redirect in" commmand in your case is redirecting web traffic to the configured "service-group" (which is by defination cluster of CEs).


"ip wccp web-cahe group-listen" command is used to configure an interface on a WCCP V2 router to enable the reception of IP multicast packets.


Syed Iftekhar Ahmed







Actions

This Discussion