[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

Cisco and WCCP 1

Posted on 2011-02-23
16
Medium Priority
?
943 Views
Last Modified: 2012-05-11
Have a 2821 with an st. benard iprism running wccp ver 1.  all seemed to be working then a couple days ago stopped.  i get on router to verify all the interfaces have redirect turned on, and they do, but when i do wccp sho commands i get the following

router02#sh ip wccp interfaces
% WCCP version 1 is not enabled
router02#sh ip wccp web-cache
% WCCP version 1 is not enabled


so i try to so ip wccp enable, and it doesn't recognize that command..any ideas?
0
Comment
Question by:jasonmichel
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 6

Expert Comment

by:Wissam
ID: 34967328
what do you mean doesn't recognize that command ?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34969704
exactly what i said..ha..
router02(config)#ip wccp enable
                          ^
% Invalid input detected at '^' marker.

but the marker is actually at enable
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 34984608
Can you provide "show version" and "show runn" output?
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 34

Expert Comment

by:Istvan Kalmar
ID: 34985920
DId you upgraded the ios?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34986054
its been working, thats whats wierd, its not like its a new install


heres the output

#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(19b), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 13-Jun-08 04:12 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

PCCHMRT02 uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:c2800nm-adventerprisek9-mz.124-19b.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2821 (revision 53.50) with 247808K/14336K bytes of memory.
Processor board ID FTX1138A42S
4 FastEthernet interfaces
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102


attached is the running config
courthouse-scrub.txt
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 34998255
anything?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 34999880
I was looking at our wccp config, and we do not use "ip wccp enable." We just configure a wccp redirect list and apply it to an interface:
ip wccp 10 redirect-list 171
int g1/1
 ip wccp 10 redirect out
access-list 171 etc etc

So, how do you know the router is the problem? What is the output of "show ip wccp"
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000001
PCCHMRT02#sh ip wccp
% WCCP version 1 is not enabled
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000036
interface Vlan5
 description To inet on broadband
 ip address 1.1.1.1 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 crypto map VPN


this is the internet interface, i do see the redirect out on it

but on the vlan interfaces for the LAN the redirect in is there

interface GigabitEthernet0/1.35
 encapsulation dot1Q 35
 ip address 10.15.35.1 255.255.255.0
 ip access-group NoSPAM in
 ip helper-address 10.15.31.6
 no ip proxy-arp
 ip wccp web-cache redirect in
 ip nat inside
 ip virtual-reassembly

0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 2000 total points
ID: 35000065
SOMETHING must have changed, either on the web cache server or on the router. Are you sure version 1 still works? Have you tried removing the ip wccp version 1 statement and see what happens?
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000083
The ip of the iprism device is 172.31.30.2  this seems to be the internet filtering acls below


ip access-list extended inet-traffic
 deny   ip 10.15.0.0 0.0.255.255 10.15.1.0 0.0.0.255
 deny   ip 10.15.0.0 0.0.255.255 10.0.0.0 0.255.255.255
 deny   ip 10.15.0.0 0.0.255.255 192.168.0.0 0.0.255.255
 deny   ip 10.15.0.0 0.0.255.255 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.253.0 0.0.0.255 192.168.0.0 0.0.255.255
 deny   ip 192.168.253.0 0.0.0.255 172.16.0.0 0.15.255.255
 deny   ip 172.31.30.0 0.0.0.3 10.15.1.0 0.0.0.255
 deny   ip 172.31.30.0 0.0.0.3 10.0.0.0 0.255.255.255
 deny   ip 172.31.30.0 0.0.0.3 192.168.0.0 0.0.255.255
 deny   ip 172.31.30.0 0.0.0.3 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.15.1.0 0.0.0.255
 permit ip 10.15.0.0 0.0.255.255 any
 permit ip 192.168.253.0 0.0.0.255 any
 permit ip 172.31.30.0 0.0.0.3 any
 permit ip 192.168.25.0 0.0.0.255 any

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1
!
route-map NAT permit 10
 match ip address inet-traffic
!
0
 
LVL 1

Author Comment

by:jasonmichel
ID: 35000093
that is kinda what i'm hoping to get help with, i've never set up, and i'm just trying to filter through and figure out what happened...what do you suggest i try?
0
 
LVL 28

Expert Comment

by:mikebernhardt
ID: 35000209
This doesn't seem to do anything anyway, as it's not applied anywhere (and there's no access list called "URL")

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1

I would work with the web cache appliance vendor, as they usually understand how to configure Cisco equipment to be compatible. I don't know how that's supposed to work, so it's hard to help.
0
 
LVL 1

Author Closing Comment

by:jasonmichel
ID: 35008020
to enable wccp on this ios, i guess you have to use the

ip wccp web-cache

i did that and it started working..odd

thanks for the help though
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question