Firewalls, PIX, ASA, VPN, Access Control List, User Authentication, Data Encryption and Best Practices.
I see two redirect interfaces wccp web-cache group-list wccp-servers redirect-list wccp-trafficwccp interface Management web-cache redirect inwccp interface inside web-cache redirect in Where are your host browsing? Behind what interface?Your hosts need to be behind the same interface as the wccp engine, that is a requirement I hope it helps. PK[/quote]
All hosts are in 192.168.40.0/24 network and my proxy server is also in 40 n/w. - Ribin
My scenario is like below: Users (in 192.168.40.0/24 n/w) ------- Layer 3 switch(default g/w of all traffic is 192.168.30.1) ------------(192.168.30.8) ASA--------Internet Management interface IP of ASA is 192.168.40.8 and inside interface IP is 192.168.30.8. Squid server is connected in Layer 3 switch with IP 192.168.40.201. All users are in 192.168.40.0/24 n/w. - Ribin
Your hosts need to be behind the same interface as your squid. The squid needs to be able to send the pages to the hosts directly, not through the ASA. To begin with I would try just the wccp web-cache redirect-list wccp-trafficwccp interface Management web-cache redirect in Make sure the management interface has the command "no management-only". Then see if the ASA redirects and if he sees the squid "sh wccp" commands. I hope it helps. PK
Hi, My show wccp command output is below: ASA(config)# sh wccp Global WCCP information: Router information: Router Identifier: -not yet determined- Protocol Version: 2.0 Service Identifier: web-cache Number of Cache Engines: 0 Number of routers: 0 Total Packets Redirected: 0 Redirect access-list: wccp-traffic Total Connections Denied Redirect: 0 Total Packets Unassigned: 0 Group access-list: wccp-servers Total Messages Denied to Group: 0 Total Authentication failures: 0 Total Bypassed Packets Received: 0 It seems nothing is happening. I did "no management-only command in my management interface. - Ribin