WCCP with HTTPS

katab · ‎03-12-2007

I'm trying to configure WCCP between Cisco Cat4507 & bluecoat , it is working fine for HTTP but not for HTTPS . The following is my configuration

BlueCoat :

wccp enable

wccp version 2

service-group web-cache

forwarding-type L2

assignment-type mask

mask-scheme destination-ip

interface 0:0

home-router X.X.X.X

end

Cat4507 :

ip wccp web-cache

interface Vlan18

ip address X.X.X.X X.X.X.X

ip helper-address X.X.X.X

ip wccp web-cache group-listen

no ip route-cache cefend

interface Vlan51

ip address X.X.X.X X.X.X.X

ip helper-address X.X.X.X

ip wccp web-cache redirect in

no ip route-cache cef

no ip route-cacheend

Is it related to the service-group ?

Syed Iftekhar Ahmed · ‎03-12-2007

You need to enable Https cache service (service 70).This service permits WCCP Version 2 enabled devices to redirect HTTPS traffic to CEs.

(config)# ip wccp 70 <-- To turn on service 70

(config)# int

(config-if)# ip wccp 70 redirect {in|out}

katab · ‎03-13-2007

Iftekhar,

Thanks for your replay .

Do I need to use the following command

* ip wccp 70 group-listen under the interface link to the BlueCoat , if yes

How can i enable several service group in bluecoat ?

Thanks

Syed Iftekhar Ahmed · ‎03-13-2007

I am not familiar with bluecoat.Probably you should try forums on their website :).

Just to clear things up

On WCCP capable routers/switches you need to configure different services to redirect different traffic.

For example

(Web = service 0 also called web-cache)

(SSL - Service 70) (DNS Service 53) (Reverse proxy - Service 99) (FTP native - service 60) etc..

"ip wccp web-cache redirect in" commmand in your case is redirecting web traffic to the configured "service-group" (which is by defination cluster of CEs).

"ip wccp web-cahe group-listen" command is used to configure an interface on a WCCP V2 router to enable the reception of IP multicast packets.

Syed Iftekhar Ahmed