[GTER] WCCP + Ironport

Fabio Luiz fabiosk at gmail.com
Wed Oct 24 16:04:01 -02 2012


Amigos,

Estou com um problema na criação de uma regra de WCCP para integrar meu ASA
ao meu Ironport.
Tenho o seguinte topologia:

(Notebook/ Dispositivos Moveis) - > *[SSID - Guest]* -> AP -> Controller ->
*[DHCP Server(172.20.5.0/24)]* -> *[172.20.5.1]* ASA *[192.168.0.1]*-> *[Rede
Interna - 192.168.0.0/24]* -> Ironport[192.168.0.9]

Configuração WCCP no ASA
access-list Rede_WCCP extended permit tcp object Rede_Guest any eq www
access-list Rede_WCCP_Cache extended permit object-group
DM_INLINE_SERVICE_8 object Rede_Guest any
access-list Rede_WCCP_Cache extended permit tcp any eq www object
Rede_Guest inactive
wccp web-cache redirect-list Rede_WCCP group-list Rede_WCCP password *****
wccp 90 redirect-list Rede_WCCP_Cache group-list Rede_WCCP_Cache password
*****
wccp interface Guest web-cache redirect in
wccp interface Guest 90 redirect in

No Ironport eu configurei da seguinte maneira:
Type: WCCPv2
Service Profile Name: HTTPS
Service: Dynamic service ID: 90
             Port numbers: 443
Router IP Addresses: 172.20.5.1
Router Security: Enable Security for Service
               Password: xxxxxx

Service Profile Name: HTTP
Service: Standard service ID: 0 web-cache (destination port 80)
Router IP Addresses: 172.20.5.1
Router Security: Enable Security for Service
               Password: xxxxxx

E no status do serviço no ASA Venho recebendo o seguinte erro:
Global WCCP information:
    Router information:
    Router Identifier:                   -not yet determined-
    Protocol Version:                    2.0

    Service Identifier: web-cache
    Number of Cache Engines:             0
    Number of routers:                   0
    Total Packets Redirected:            0
    Redirect access-list:                Rede_WCCP
    Total Connections Denied Redirect:   0
    Total Packets Unassigned:            0
    Group access-list:                   Rede_WCCP
    Total Messages Denied to Group:      1183
    Total Authentication failures:       0
    Total Bypassed Packets Received:     0

    Service Identifier: 90
    Number of Cache Engines:             0
    Number of routers:                   0
    Total Packets Redirected:            0
    Redirect access-list:                Rede_WCCP_Cache
    Total Connections Denied Redirect:   0
    Total Packets Unassigned:            0
    Group access-list:                   Rede_WCCP_Cache
    Total Messages Denied to Group:      10230
    Total Authentication failures:       0
    Total Bypassed Packets Received:     0

Agradeço a atenção de todos.

-- 
Atenciosamente

Fabio Silva
LPIC-1 | Novell CLA 11 | Novell DCTS | TrendMicro CSE



More information about the gter mailing list