[c-nsp] 7206 running WCCP rewriting the source ip address
dean.albano at 121media.com
dean.albano at 121media.com
Fri May 26 18:00:28 EDT 2006
We have a Cisco 7206(non vxr) running IOS 12.2-18 with WCCPv2. We are
redirecting all
inbound port 80 traffic (from the user vlan) to a trasparent squid
proxy (with WCCPv2
patch installed). A tcpdump capture shows that the router is
redirecting the traffic,
but it is also rewriting the source IP address of the packets to that
of the router
loopback address. All traffic is also tunneled via GRE. In our lab,
this is not the
case. GRE is only used for the WCCP hello packets. Any ideas?
Proxy is directly connected to the router on eth2/1
Client vlans connects via fa0/0
Web servers are reachable via serial3/0
WCCP specific commands:
ip wccp web-cache redirect-list 100
int fa0/0
-ip wccp web-cache redirect in
ACL 100 allows traffic from 3 contiguous subnets and blocks everything
else. The
loopback address is not permitted via the ACL.
Regards,
Dean J. Albano
Network Integration Consultant
121Media, Inc.
dean.albano at 121media.com
More information about the cisco-nsp
mailing list