Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

WCCP and Squid: Asa stops redirecting after some time

Hi,

we're using an Cisco ASA as Office Firewall with wccp web-cache redirection to squid 3.1.19. This setup has worked for years now, but since a few weeks, the asa stops redirecting packets every 1 or 2 days.

show wccp web-cache detail

says all ok:

WCCP Cache-Engine information:

Web Cache ID:          caching-machine

Protocol Version:      2.0

State:                 Usable

Initial Hash Info:     00000000000000000000000000000000

                       00000000000000000000000000000000

Assigned Hash Info:    00000000000000000000000000000000

                       00000000000000000000000000000000

Hash Allotment:        0 (0.00%)

Packets Redirected:    293698636

Connect Time:          17:01:35

also debug wccp packets shows the normal communication between the asa and squid. After restarting the squid, the asa starts redirecting packets again, but only for one or two days.

Any suggestions, where to do additional debugging?

here some additonal information:

show wccp interfaces detail

WCCP interface configuration details:

    Ethernet0/0

Output services: 0

Input services:  1

Static:          Web-cache

Dynamic:         None

Mcast services:  0

Exclude In:      FALSE

show version

Cisco Adaptive Security Appliance Software Version 8.4(4)5

Device Manager Version 6.4(9)

Compiled on Wed 08-Aug-12 19:07 by builders

System image file is "disk0:/asa844-5-k8.bin"

Config file at boot was "startup-config"

fw01 up 73 days 0 hours

Hardware:   ASA5510, 1024 MB RAM, CPU Pentium 4 Celeron 1600 MHz

Internal ATA Compact Flash, 256MB

BIOS Flash M50FW080 @ 0xfff00000, 1024KB

Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)

                             Boot microcode   : CN1000-MC-BOOT-2.00

                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03

                             IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.06

                             Number of accelerators: 1

0: Ext: Ethernet0/0         : address is XXX irq 9

1: Ext: Ethernet0/1         : address is XXX, irq 9

2: Ext: Ethernet0/2         : address is XXX, irq 9

3: Ext: Ethernet0/3         : address isXXX, irq 9

4: Ext: Management0/0       : address is XXX, irq 11

5: Int: Not used            : irq 11

6: Int: Not used            : irq 5

Licensed features for this platform:

Maximum Physical Interfaces       : Unlimited      perpetual

Maximum VLANs                     : 100            perpetual

Inside Hosts                      : Unlimited      perpetual

Failover                          : Active/Active  perpetual

VPN-DES                           : Enabled        perpetual

VPN-3DES-AES                      : Enabled        perpetual

Security Contexts                 : 2              perpetual

GTP/GPRS                          : Disabled       perpetual

AnyConnect Premium Peers          : 25             perpetual

AnyConnect Essentials             : Disabled       perpetual

Other VPN Peers                   : 250            perpetual

Total VPN Peers                   : 250            perpetual

Shared License                    : Disabled       perpetual

AnyConnect for Mobile             : Enabled        perpetual

AnyConnect for Cisco VPN Phone    : Disabled       perpetual

Advanced Endpoint Assessment      : Disabled       perpetual

UC Phone Proxy Sessions           : 2              perpetual

Total UC Proxy Sessions           : 2              perpetual

Botnet Traffic Filter             : Disabled       perpetual

Intercompany Media Engine         : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

We're using an redirect-list with some deny entries to prevent our own websites from caching. 

414
Views
0
Helpful
0
Replies
CreatePlease to create content