Solved

Cisco and WCCP 1

Posted on 2011-02-23
16
919 Views
Last Modified: 2012-05-11
Have a 2821 with an st. benard iprism running wccp ver 1.  all seemed to be working then a couple days ago stopped.  i get on router to verify all the interfaces have redirect turned on, and they do, but when i do wccp sho commands i get the following

router02#sh ip wccp interfaces
% WCCP version 1 is not enabled
router02#sh ip wccp web-cache
% WCCP version 1 is not enabled


so i try to so ip wccp enable, and it doesn't recognize that command..any ideas?
0
Comment
Question by:jasonmichel
16 Comments
 
LVL 6

Expert Comment

by:wpharaon
Comment Utility
what do you mean doesn't recognize that command ?
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
exactly what i said..ha..
router02(config)#ip wccp enable
                          ^
% Invalid input detected at '^' marker.

but the marker is actually at enable
0
 
LVL 28

Expert Comment

by:mikebernhardt
Comment Utility
Can you provide "show version" and "show runn" output?
0
 
LVL 34

Expert Comment

by:Istvan Kalmar
Comment Utility
DId you upgraded the ios?
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
its been working, thats whats wierd, its not like its a new install


heres the output

#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(19b), RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 13-Jun-08 04:12 by prod_rel_team

ROM: System Bootstrap, Version 12.4(13r)T, RELEASE SOFTWARE (fc1)

PCCHMRT02 uptime is 1 minute
System returned to ROM by power-on
System image file is "flash:c2800nm-adventerprisek9-mz.124-19b.bin"


This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco 2821 (revision 53.50) with 247808K/14336K bytes of memory.
Processor board ID FTX1138A42S
4 FastEthernet interfaces
2 Gigabit Ethernet interfaces
1 Virtual Private Network (VPN) Module
DRAM configuration is 64 bits wide with parity enabled.
239K bytes of non-volatile configuration memory.
62720K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0x2102


attached is the running config
courthouse-scrub.txt
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
anything?
0
 
LVL 28

Expert Comment

by:mikebernhardt
Comment Utility
I was looking at our wccp config, and we do not use "ip wccp enable." We just configure a wccp redirect list and apply it to an interface:
ip wccp 10 redirect-list 171
int g1/1
 ip wccp 10 redirect out
access-list 171 etc etc

So, how do you know the router is the problem? What is the output of "show ip wccp"
0
Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
PCCHMRT02#sh ip wccp
% WCCP version 1 is not enabled
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
interface Vlan5
 description To inet on broadband
 ip address 1.1.1.1 255.255.255.240
 ip nat outside
 ip virtual-reassembly
 crypto map VPN


this is the internet interface, i do see the redirect out on it

but on the vlan interfaces for the LAN the redirect in is there

interface GigabitEthernet0/1.35
 encapsulation dot1Q 35
 ip address 10.15.35.1 255.255.255.0
 ip access-group NoSPAM in
 ip helper-address 10.15.31.6
 no ip proxy-arp
 ip wccp web-cache redirect in
 ip nat inside
 ip virtual-reassembly

0
 
LVL 28

Accepted Solution

by:
mikebernhardt earned 500 total points
Comment Utility
SOMETHING must have changed, either on the web cache server or on the router. Are you sure version 1 still works? Have you tried removing the ip wccp version 1 statement and see what happens?
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
The ip of the iprism device is 172.31.30.2  this seems to be the internet filtering acls below


ip access-list extended inet-traffic
 deny   ip 10.15.0.0 0.0.255.255 10.15.1.0 0.0.0.255
 deny   ip 10.15.0.0 0.0.255.255 10.0.0.0 0.255.255.255
 deny   ip 10.15.0.0 0.0.255.255 192.168.0.0 0.0.255.255
 deny   ip 10.15.0.0 0.0.255.255 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.0.0.0 0.255.255.255
 deny   ip 192.168.253.0 0.0.0.255 192.168.0.0 0.0.255.255
 deny   ip 192.168.253.0 0.0.0.255 172.16.0.0 0.15.255.255
 deny   ip 172.31.30.0 0.0.0.3 10.15.1.0 0.0.0.255
 deny   ip 172.31.30.0 0.0.0.3 10.0.0.0 0.255.255.255
 deny   ip 172.31.30.0 0.0.0.3 192.168.0.0 0.0.255.255
 deny   ip 172.31.30.0 0.0.0.3 172.16.0.0 0.15.255.255
 deny   ip 192.168.253.0 0.0.0.255 10.15.1.0 0.0.0.255
 permit ip 10.15.0.0 0.0.255.255 any
 permit ip 192.168.253.0 0.0.0.255 any
 permit ip 172.31.30.0 0.0.0.3 any
 permit ip 192.168.25.0 0.0.0.255 any

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1
!
route-map NAT permit 10
 match ip address inet-traffic
!
0
 
LVL 1

Author Comment

by:jasonmichel
Comment Utility
that is kinda what i'm hoping to get help with, i've never set up, and i'm just trying to filter through and figure out what happened...what do you suggest i try?
0
 
LVL 28

Expert Comment

by:mikebernhardt
Comment Utility
This doesn't seem to do anything anyway, as it's not applied anywhere (and there's no access list called "URL")

route-map WEB permit 10
 match ip address URL
 set ip next-hop 172.31.30.1

I would work with the web cache appliance vendor, as they usually understand how to configure Cisco equipment to be compatible. I don't know how that's supposed to work, so it's hard to help.
0
 
LVL 1

Author Closing Comment

by:jasonmichel
Comment Utility
to enable wccp on this ios, i guess you have to use the

ip wccp web-cache

i did that and it started working..odd

thanks for the help though
0

Featured Post

Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

Join & Write a Comment

Suggested Solutions

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now