Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1325
Views
5
Helpful
2
Replies

WCCP on ASA question

Go to solution
blittrell
Level 1
Level 1

‎09-30-2008 12:16 PM - edited ‎03-11-2019 06:51 AM

Hi All

I am trying to configure WCCP on the ASA, it seems pretty straight forward but I am not having any luck with it working.

The Web cache server we are using is the Barracuda Web Filter with the latest firmware update that is suppose to work with WCCP V2.

So this is what I have and did.

I have the proxy server in the company DMZ, I created a ACL that allows all IP traffic from our Guest net to go to the IP address of the proxy in the DMZ. I then configured the webcache to use this ACL and added the service to the redirect group.

After this it still does not use the Barracuda server. The one thing that I was thinking may be the issue, it is mentioned in the docs that the proxy and the clients accessing the proxy have to be on the same interface, which they are not. The clients can access the server no problem but they are not on the same interface. Anyone know if this is the issue or does it work when the proxy is on the DMZ interface and the clients are on the internal interface?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
abinjola
Cisco Employee
Cisco Employee

‎09-30-2008 09:46 PM

The only topology that the security appliance supports is when client and cache engine are behind the same interface of the security appliance and the cache engine can directly communicate with the

client without going through the security appliance.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/dhcp.html#wp1094628

Rate if it helps !

View solution in original post

2 Replies 2

Go to solution
abinjola
Cisco Employee
Cisco Employee

‎09-30-2008 09:46 PM

The only topology that the security appliance supports is when client and cache engine are behind the same interface of the security appliance and the cache engine can directly communicate with the

client without going through the security appliance.

http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/dhcp.html#wp1094628

Rate if it helps !

Go to solution
blittrell
Level 1
Level 1
In response to abinjola

‎10-01-2008 06:23 AM

I was afraid of that:( I was hoping I read it wrong or there was a change so I did not have to redesign the current network to get it to work..

Thanks

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card