Cisco ASA wccp support for WAAS configuration guide.
proxy server should accept requests on port 8080 and 80
Topology:
IP addresses:
- ASA inside IP: 10.10.10.1/24
- PC IP: 10.10.10.10
- PROXY SRV IP: 10.10.10.251
Action Plan:
WCCP Interaction with Other Features for PIX/ASA:
http://www.cisco.com/en/US/docs/security/asa/asa80/configuration/guide/dhcp.html#wp1094445
Here I have read the following:
“The standard service is web-cache, which intercepts TCP port 80 (HTTP) traffic and redirects that traffic to the cache engines, but you can identify a service number if desired between 0 and 254. For example, to transparently redirect native FTP traffic to a cache engine, use WCCP service 60. You can enter this command multiple times for each service group you want to enable.”
I have found a link with the used service groups:
WCCP service groups:
http://ciscoarticles.com/network/redirecting-application-requests/
1, If on the proxy server I create a service group:
| Service Group Name: TEST8080 Service Group Number: 91 (from the user defined part, that is 90-97) Description: My test tcp port Default Ports: 8080 |
It can be done on squid for example with the “wccp2_service_info” tag.
Source:
http://www.visolve.com/squid/squid26/miscellaneous.php#wccp2_service_info
I guess it can be done on Cisco WAAS, for example.
Source:
http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v401/configuration/guide/traffic.html
2, I configure the following (ASA Software version 7.2.2):
| wccp web-cache wccp 91 wccp interface inside web-cache redirect in wccp interface inside 91 redirect in |
In that case the ASA will intercepts TCP port 80 (HTTP) traffic and redirects that traffic to the cache engines.
WCCP for Cisco router and squid from the Internet:
http://www.squid-cache.org/mail-archive/squid-users/200609/0393.html
http://www.sublime.com.au/squid-wccp/
WCCP RFC:
http://www.wrec.org/Drafts/draft-wilson-wrec-wccp-v2-00.txt
itsecworks 
Posted on November 18, 2010
0