[c-nsp] 7206 running WCCP rewriting the source ip address

dean.albano at 121media.com dean.albano at 121media.com
Fri May 26 18:00:28 EDT 2006


We have a Cisco 7206(non vxr) running IOS 12.2-18 with WCCPv2.  We are  
redirecting all
inbound port 80 traffic (from the user vlan) to a trasparent squid  
proxy (with WCCPv2
patch installed).  A tcpdump capture shows that the router is  
redirecting the traffic,
but it is also rewriting the source IP address of the packets to that  
of the router
loopback address.  All traffic is also tunneled via GRE.  In our lab,  
this is not the
case.  GRE is only used for the WCCP hello packets.  Any ideas?

Proxy is directly connected to the router on eth2/1
Client vlans connects via fa0/0
Web servers are reachable via serial3/0

WCCP specific commands:

ip wccp web-cache redirect-list 100

int fa0/0
-ip wccp web-cache redirect in

ACL 100 allows traffic from 3 contiguous subnets and blocks everything  
else.  The
loopback address is not permitted via the ACL.


Regards,

Dean J. Albano
Network Integration Consultant
121Media, Inc.
dean.albano at 121media.com


More information about the cisco-nsp mailing list