Solved

wccp access-list ssl de

Posted on 2011-03-07
4
348 Views
Last Modified: 2012-05-11
Would someone please answer my questions about this WCCP Access List statement.

1.  Does the below statement address https traffic?
2.  Does the below statement address traffic such as for.example.com?

Thanks.
access-list 124 deny   tcp any host 170.00.000.0 eq www

Open in new window

0
Comment
Question by:NYGiantsFan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Expert Comment

by:gcl_hk
ID: 35065518
If you want to redirect except 170.0.0.0 related ip by WCCP, the ACL is no need to eq www (http), just use access-list 110 deny ip any 170.0.0.0 0.255.255.255 is okay
0
 

Author Comment

by:NYGiantsFan
ID: 35069099
I didn't write the statement, nor have any strong knowledge on WCCP.  

What does this statement do?  Is it just blocking World Wide Web Traffic?

I guess I don't need to know how to improve, just what this current  statement does.
0
 
LVL 6

Accepted Solution

by:
gcl_hk earned 500 total points
ID: 35077393
Um... its hard to say if just only for a single ACL, it depend your WCCP configuration.

If your WCCP configuration like the following sample, it will not to blocking http traffic. It's mean except to match the destination 170.0.0.0 http traffic, redirect to web cache for else web related traffic .

access-list 124 deny tcp any host 170.0.0.0 0.255.255.255 eq www
access-list 124 permit ip any any
!
ip wccp web-cache redirect-list 124
!
int f0/0
ip wccp web-cache redirect-list
0
 

Author Comment

by:NYGiantsFan
ID: 35082046
ah.. I see... I am going to need to read up on this in detail.

Thanks.
0

Featured Post

Transaction Monitoring Vs. Real User Monitoring

Synthetic Transaction Monitoring Vs. Real User Monitoring: When To Use Each Approach? In this article, we will discuss two major monitoring approaches: Synthetic Transaction and Real User Monitoring.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the world of WAN, QoS is a pretty important topic for most, if not all, networks. Some WAN technologies have QoS mechanisms built in, but others, such as some L2 WAN's, don't have QoS control in the provider cloud.
How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Suggested Courses

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question