I have cisco ASA firewall, a Cisco router and a cachebox, the cisco router is connected to the inside interface of my ASA which connect directly to my inside network and my ASA is facing the WAN interface. the cache engine ip is 192.168.1.18 and my inside network is 192.168.1.0. i only enable wccp on the ASA firewall but did not enable on the router. i also permitted port 80 and 443 to be redirected to the cache engine. but after doing show command on my ASA, i got the following results
Service Identifier: 90 Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected: 0 Redirect access-list: wccp-users Total Connections Denied Redirect: 52208 Total Packets Unassigned: 0 Group access-list: wccp-server Total Messages Denied to Group: 0 Total Authentication failures: 0 Total Bypassed Packets Received: 0
Service Identifier: 70 Number of Cache Engines: 1 Number of routers: 1 Total Packets Redirected: 0 Redirect access-list: wccp-able Total Connections Denied Redirect: 27836 Total Packets Unassigned: 0 Group access-list: wccp-server Total Messages Denied to Group: 0 Total Authentication failures: 0 Total Bypassed Packets Received: 0
This is my wccp configuration on my ASA
omsasa(config)# sh run wccp wccp 70 redirect-list wccp-able group-list wccp-server wccp 90 redirect-list wccp-users group-list wccp-server wccp interface inside 70 redirect in wccp interface inside 90 redirect in
omsasa(config)# sh run access-list wccp-users access-list wccp-users remark bypass proxy access-list wccp-users remark proxy access access-list wccp-users extended deny ip any any access-list wccp-users extended permit tc188.8.131.52 255.255.255.0 host 192.168.1.18 eq www access-list wccp-users extended permit tcp 192.168.5.0 255.255.255.252 host 192.168.1.18 eq www
omsasa(config)# sh run access-list wccp-able access-list wccp-able remark bypass proxy access-list wccp-able remark proxy access access-list wccp-able extended deny ip any any access-list wccp-able extended permit tcp 192.168.1.0 255.255.255.0 host 192.168.1.18 eq https access-list wccp-able extended permit tcp 192.168.5.0 255.255.255.252 host 192.168.1.18 eq https
it is not redirecting. is there anything i need to configure on the cisco router or on the ASA to make it work. please i need an answer to this problem
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...