Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Proxy Server

Hello All,

I have a 6500 and an ASA installed. I need to proxy http traffic to a 3rd party Web filter before it hits the ASA. How do i accomplish this? Do i use WCCP? If so, what version?

Thanks,

G

Please rate useful posts.
4 REPLIES
Hall of Fame Super Silver

Re: Proxy Server

Hello George,

you can use WCCP2 for this if supported on that 3party device.

WCCP any version implies a communication between web cache(s) and router(s)

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/wccp.html

if this is not your case you can use PBR.

Hope to help

Giuseppe

Re: Proxy Server

Hi Giuseppe,

Thanks a lot for the response. The 3rd party device is a Web filter that doesnt support WCCP. I think I will have to fo the PBR route. Where do I have to set the route-map policy? Is it on the firewall VLAN interface or on all VLAN's where I have clients connected?

Thanks a lot for your help.

G

Please rate useful posts.
Hall of Fame Super Silver

Re: Proxy Server

Hello George,

PBR has to be applied inbound so you need it on the internal interfaces where traffic originated by clients is received.

The web filter/cache has to be reachable through a separate L3 interface

Hope to help

Giuseppe

Re: Proxy Server

Hi Giuseppe,

If I understand this right, I will have to put the policy map on each and every VLAN and the IP address of the web filter should be on a different VLAN, correct?

Thanks,

G

Please rate useful posts.
123
Views
0
Helpful
4
Replies