WCCP access-list help

Posted on 2009-02-16
Last Modified: 2012-05-06
I am being asked to add another instance of WCCP for test purposes.
The target router is directly connected to another router that is already performing this.

The challenge is to redirect just one subnet to the new cache and disallow the others.
Also, the users destination is shared by the rest of the company.
So, can I use source and destination subnets in a WCCP ACL?
Since the test router is on the perimeter, and I am currently using WCCP ACL IN from the Data Center ingressing to the existing first router.  Can I add deny statements that are source and destination specific?
This will be required to test on the next downstream router.

Question by:maudib031397

    Author Comment

    Ok, perhaps i should clarify that the routers are actually multilayer Cisco Switches.
    But nothing different.

    Author Comment

    Ok, I only ask one or two questions a year.

    Maybe I have outgrown this site.

    Thanks for the effort, I will wait a bit longer before moving to Tech Republic.

    But I will have to consider quitting the site if I get nothing.


    Accepted Solution

    Ok, after digging for some hours i have found my own answer.
    Yes, it is possible to use a deny statement in a WCCPv2 Redirect ACL.
    And yes it is possible to use a source and destination address in that list.

    From Cisco's Documentation:
    To disable caching for certain clients, servers, or client/server pairs, you can use WCCP access lists. The
    following example shows any requests coming from to will bypass the cache. while all
    other requests will be serviced normally:
    configure terminal
    ip wccp web-cache redirect-list 120
    access-list 120 deny tcp host
    access-list 120 deny tcp any host
    access-list 120 permit ip any any

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Maximize Your Threat Intelligence Reporting

    Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

    Hello to you all, I hear of many people congratulate AWS (Amazon Web Services) on how easy it is to spin up and create new EC2 (Elastic Compute Cloud) instances, but then fail and struggle to connect to them using simple tools such as SSH (Secure…
    AWS has developed and created its highly available global infrastructure allowing users to deploy and manage their estates all across the world through the use of the following geographical components   RegionsAvailability ZonesEdge Locations  Wh…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    794 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now