×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

reverse proxy

Unanswered Question
Jul 28th, 2008
User Badges:
  • Bronze, 100 points or more

I'm trying to setup a reverse proxy with Cisco CE-511-RP . I connected the CE-511-RP on outside of pix and i want to reverse caching for some servers in my public network .


WCCP is is running on PIX defaultgateway (outside router ) and my question is that how i can do reverse proxy configuration ? , whether i can rediarect the ports other than 80, 443 to the proxy ?


Regarsd

HAris



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
dstolt Tue, 07/29/2008 - 05:51
User Badges:
  • Cisco Employee,

What version of PIX are you running? It may depend on what it can support (looks like WCCP support was introduced with 7.2). Here is a link to configure PIX 8.x with WCCP.


http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/uz.html#wp1527557


WCCP in general has several standard service numbers as well as user defined services (90-98). Check out the following URL for the WCCP services ACNS supports.


http://www.cisco.com/en/US/docs/app_ntwk_services/waas/acns/v55/configuration/local/guide/refapp.html#wpxref96196


Hope that helps,

Dan

Haris P Tue, 07/29/2008 - 22:10
User Badges:
  • Bronze, 100 points or more

Is it possible to make configuration to publish some servers inside my network through the Reverse Cache using public IP address instead of using URL ?


dstolt Wed, 07/30/2008 - 04:14
User Badges:
  • Cisco Employee,

That is a function of the PIX, not ACNS. ACNS is just a cache of what users can already access to offload servers behind it.


If you are attempting to make the ACNS the actual server, it is not what it is designed for. It's possible that you could preload the static web pages off the origin server to eliminate traffic going through the firewall. However, traffic would probably still have to get to your origin server for authentication, freshness checking, etc. Anything that the cache would need to check for freshness (IMS, cache control headers, etc), ACNS would still need to go to the origin server.


Dan

Actions

This Discussion