WCCP on PIX 7.2

khursheed.siddiqui · ‎10-03-2007

I am trying to conifgure WCCP to work with squid. i have the following config for wccp so far:

access-list Wccp extended permit tcp any any eq www

wccp web-cache redirect-list Wccp group-list Wccp password foo

here is the show wccp:

Global WCCP information:

Router information:

Router Identifier: -not yet determined-

Protocol Version: 2.0

Service Identifier: web-cache

Number of Cache Engines: 0

Number of routers: 0

Total Packets Redirected: 0

Redirect access-list: Wccp

Total Connections Denied Redirect: 0

Total Packets Unassigned: 0

Group access-list: Wccp

Total Messages Denied to Group: 79

Total Authentication failures: 0

Total Bypassed Packets Received: 0

and here is the debug message:

WCCP-EVNT:S00: Here_I_Am packet from xxx.xxx.xxx.xxx: invalid for group

How do i tell that the connecting ip is the right web-cache server. I have created a network group object for the server. Do i specify it in acl but how? Documentation is very vague.

didyap · ‎10-09-2007

If you have created network group objects then the servers from that group will only be able to participate and you can also see the IP of the server's in debug messages. If the error messages are only occasional things, then it probably means that wccp packets are being dropped/lost, it is ok, things will still work.

shakeelahmadch · ‎06-10-2008

did you ever got it working - if so please post configs ..

thanks.

dgroscost · ‎06-11-2008

The group-list ACL needs to contain the IP address(es) of your web-cache (squid) server(s).

redirect-list (first ACL, in your case Wccp) is the web traffic from your client you want to pass to the wccp service.

group-list contains all the squid web-cache servers.

access-list group-list extended permit ip host any

Verify that WCCP sees the web-cache (squid) server by doing a show wccp web-cache service command.