Cisco Support Community
Community Member

WCCP Transparent Proxy - Ironport

Hi all,

For long time I have been trying to implent a wccp to redirect traffic to an Ironport S160, but it´s very difficult, I have no more ideas what can be happen with.

The idea is that the users at branch network, transparently forward  http traffic to Ironport web-cache.

The communication between sites is over VPN. I have two GRE tunnels running OSPF.

The ASA is not blocking anything between the sites.

I have estabilished communication with the Ironport and it seems packets are redirect, but the browser response timeout.

If I set proxy at browser It work´s normally.

I have tried to config service 99 and web-cache without access-lists and to apply redirect out on interfaces tunnel but nothing happen.

At Ironport, I set IP spoofing, configured other service ID, allow hash only, mask only and nothing.

Any idea?


ip wccp check services all
ip wccp 99  redirect-list ProxyList group-list IronWeb password xxxx
ip  access-list standard IronWeb
ip access-list  extended ProxyList
permit tcp any eq www
permit  tcp any eq 443
interface FastEthernet0/0
ip  wccp 99 redirect in

Router2#sh ip wccp 99

Global WCCP  information:

    Router  information:

        Router  Identifier:                   201.x.x.x

        Protocol  Version:                    2.0

    Service  Identifier: 99

        Number of Service Group  Clients:     1

        Number of Service Group Routers:      1

        Total Packets s/w Redirected:         1216

           Process:                           0

          CEF:                                1216

        Service  mode:                        Open

        Service  Access-list:                 -none-

        Total  Packets Dropped Closed:        0

        Redirect  Access-list:                ProxyList

        Total Packets Denied  Redirect:       612

        Total  Packets Unassigned:            0

        Group  Access-list:                   IronWeb

        Total  Messages Denied to Group:      0

        Total  Authentication failures:       0

        Total  Bypassed Packets Received:     0

Router2#sh ip wccp 99 det

WCCP Client  information:

        WCCP  Client ID:

        Protocol  Version:        2.0

         State:                   Usable

         Redirection:             GRE

        Packet  Return:           GRE

        Assignment:               HASH

        Initial  Hash Info:       00000000000000000000000000000000




        Hash  Allotment:          256 (100.00%)

        Packets  s/w Redirected:  743

        Connect  Time:            14:12:30

        Bypassed  Packets

           Process:               0

           CEF:                   0

           Errors:                0

CreatePlease to create content