Solved

Cisco and WCCP 1

Posted on 2011-02-23
16
932 Views
Last Modified: 2012-05-11
Have a 2821 with an st. benard iprism running wccp ver 1.  all seemed to be working then a couple days ago stopped.  i get on router to verify all the interfaces have redirect turned on, and they do, but when i do wccp sho commands i get the following

router02#sh ip wccp interfaces
% WCCP version 1 is not enabled
router02#sh ip wccp web-cache
% WCCP version 1 is not enabled


so i try to so ip wccp enable, and it doesn't recognize that command..any ideas?
0
Comment
Question by:jasonmichel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 6

Expert Comment

by:wpharaon
ID: 34967328
what do you mean doesn't recognize that command ?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34969704
exactly what i said..ha..
router02(config)#ip wccp enable
                          ^
% Invalid input detected at '^' marker.

but the marker is actually at enable
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 34984608
Can you provide "show version" and "show runn" output?
0
Why You Need a DevOps Toolchain

IT needs to deliver services with more agility and velocity. IT must roll out application features and innovations faster to keep up with customer demands, which is where a DevOps toolchain steps in. View the infographic to see why you need a DevOps toolchain.

 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34985920
DId you upgraded the ios?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34986054
its been working, thats whats wierd, its not like its a new install


heres the output

#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(19b), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 13-Jun-08 04:12 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

PCCHMRT02 uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:c2800nm-adventerprisek9-mz.124-19b.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2821 (revision 53.50) with 247808K/14336K bytes of memory.
Processor board ID FTX1138A42S
4 FastEthernet interfaces
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102


attached is the running config
courthouse-scrub.txt
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34998255
anything?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 34999880
I was looking at our wccp config, and we do not use "ip wccp enable." We just configure a wccp redirect list and apply it to an interface:
ip wccp 10 redirect-list 171
int g1/1
 ip wccp 10 redirect out
access-list 171 etc etc

So, how do you know the router is the problem? What is the output of "show ip wccp"
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000001
PCCHMRT02#sh ip wccp
% WCCP version 1 is not enabled
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000036
interface Vlan5
 description To inet on broadband
 ip address 1.1.1.1 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 crypto map VPN


this is the internet interface, i do see the redirect out on it

but on the vlan interfaces for the LAN the redirect in is there

interface GigabitEthernet0/1.35
 encapsulation dot1Q 35
 ip address 10.15.35.1 255.255.255.0
 ip access-group NoSPAM in
 ip helper-address 10.15.31.6
 no ip proxy-arp
 ip wccp web-cache redirect in
 ip nat inside
 ip virtual-reassembly

0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
ID: 35000065
SOMETHING must have changed, either on the web cache server or on the router. Are you sure version 1 still works? Have you tried removing the ip wccp version 1 statement and see what happens?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000083
The ip of the iprism device is 172.31.30.2  this seems to be the internet filtering acls below


ip access-list extended inet-traffic
 deny   ip 10.15.0.0 0.0.255.255 10.15.1.0 0.0.0.255
 deny   ip 10.15.0.0 0.0.255.255 10.0.0.0 0.255.255.255
 deny   ip 10.15.0.0 0.0.255.255 192.168.0.0 0.0.255.255
 deny   ip 10.15.0.0 0.0.255.255 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.253.0 0.0.0.255 192.168.0.0 0.0.255.255
 deny   ip 192.168.253.0 0.0.0.255 172.16.0.0 0.15.255.255
 deny   ip 172.31.30.0 0.0.0.3 10.15.1.0 0.0.0.255
 deny   ip 172.31.30.0 0.0.0.3 10.0.0.0 0.255.255.255
 deny   ip 172.31.30.0 0.0.0.3 192.168.0.0 0.0.255.255
 deny   ip 172.31.30.0 0.0.0.3 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.15.1.0 0.0.0.255
 permit ip 10.15.0.0 0.0.255.255 any
 permit ip 192.168.253.0 0.0.0.255 any
 permit ip 172.31.30.0 0.0.0.3 any
 permit ip 192.168.25.0 0.0.0.255 any

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1
!
route-map NAT permit 10
 match ip address inet-traffic
!
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000093
that is kinda what i'm hoping to get help with, i've never set up, and i'm just trying to filter through and figure out what happened...what do you suggest i try?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 35000209
This doesn't seem to do anything anyway, as it's not applied anywhere (and there's no access list called "URL")

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1

I would work with the web cache appliance vendor, as they usually understand how to configure Cisco equipment to be compatible. I don't know how that's supposed to work, so it's hard to help.
0
 
LVL 1

Author Closing Comment

by:jasonmichel
ID: 35008020
to enable wccp on this ios, i guess you have to use the

ip wccp web-cache

i did that and it started working..odd

thanks for the help though
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
Is your computer hacked? learn how to detect and delete malware in your PC
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question