?
Solved

Cisco ASA 5510 WCCP config

Posted on 2013-11-15
2
Medium Priority
?
349 Views
Last Modified: 2016-02-25
We've got WCCP enabled on our ASA route which is used by a Sophos web appliance.  

access-list wccp-server extended permit ip host 192.168.0.121 any
access-list wccp-traffic extended deny ip 192.168.0.0 255.255.255.0 209.223.80.0 255.255.255.0
access-list wccp-traffic extended permit ip 192.168.0.0 255.255.255.0 any

wccp web-cache redirect-list wccp-traffic group-list wccp-server
wccp 70 redirect-list wccp-traffic group-list wccp-server
wccp interface inside web-cache redirect in
wccp interface inside 70 redirect in

I've got a wireless network on 10.0.0.0/8 that I've got a guest network setup on that I'd like to bypass the WCCP.  Can anyone help with this config?
0
Comment
Question by:tbeasley123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 1000 total points
ID: 39675541
access-list wccp-traffic extended permit ip 10.0.0.0 255.0.0.0 any

wccp interface wifi web-cache redirect in
wccp interface wifi 70 redirect in
0
 
LVL 8

Assisted Solution

by:amatson78
amatson78 earned 1000 total points
ID: 39795717
If you want it to "BYPASS" redirection than you want to use a "Deny" statement not a permit as stated above. If the 10.0.0.0/8 network is on the same interface then you need to edit that set of access rules:

# config t
# access-list wccp-traffic extended line 2 ip 10.0.0.0 255.0.0.0 any <options>

Open in new window


This will insert the deny into line 2 of the access list and move the rest down placing it above any of the "Permit" statements which is how an ACL should properly be built.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

It’s a strangely common occurrence that when you send someone their login details for a system, they can’t get in. This article will help you understand why it happens, and what you can do about it.
Use of TCL script on Cisco devices:  - create file and merge it with running configuration to apply configuration changes
This video teaches users how to migrate an existing Wordpress website to a new domain.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
Suggested Courses
Course of the Month13 days, 22 hours left to enroll

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question