Solved

Cisco ASA 5510 WCCP config

Posted on 2013-11-15
2
328 Views
Last Modified: 2016-02-25
We've got WCCP enabled on our ASA route which is used by a Sophos web appliance.  

access-list wccp-server extended permit ip host 192.168.0.121 any
access-list wccp-traffic extended deny ip 192.168.0.0 255.255.255.0 209.223.80.0 255.255.255.0
access-list wccp-traffic extended permit ip 192.168.0.0 255.255.255.0 any

wccp web-cache redirect-list wccp-traffic group-list wccp-server
wccp 70 redirect-list wccp-traffic group-list wccp-server
wccp interface inside web-cache redirect in
wccp interface inside 70 redirect in

I've got a wireless network on 10.0.0.0/8 that I've got a guest network setup on that I'd like to bypass the WCCP.  Can anyone help with this config?
0
Comment
Question by:tbeasley123
2 Comments
 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 250 total points
ID: 39675541
access-list wccp-traffic extended permit ip 10.0.0.0 255.0.0.0 any

wccp interface wifi web-cache redirect in
wccp interface wifi 70 redirect in
0
 
LVL 8

Assisted Solution

by:amatson78
amatson78 earned 250 total points
ID: 39795717
If you want it to "BYPASS" redirection than you want to use a "Deny" statement not a permit as stated above. If the 10.0.0.0/8 network is on the same interface then you need to edit that set of access rules:

# config t
# access-list wccp-traffic extended line 2 ip 10.0.0.0 255.0.0.0 any <options>

Open in new window


This will insert the deny into line 2 of the access list and move the rest down placing it above any of the "Permit" statements which is how an ACL should properly be built.
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
This video teaches users how to migrate an existing Wordpress website to a new domain.
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

726 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question