?
Solved

Cisco ASA 5510 WCCP config

Posted on 2013-11-15
2
Medium Priority
?
389 Views
Last Modified: 2016-02-25
We've got WCCP enabled on our ASA route which is used by a Sophos web appliance.  

access-list wccp-server extended permit ip host 192.168.0.121 any
access-list wccp-traffic extended deny ip 192.168.0.0 255.255.255.0 209.223.80.0 255.255.255.0
access-list wccp-traffic extended permit ip 192.168.0.0 255.255.255.0 any

wccp web-cache redirect-list wccp-traffic group-list wccp-server
wccp 70 redirect-list wccp-traffic group-list wccp-server
wccp interface inside web-cache redirect in
wccp interface inside 70 redirect in

I've got a wireless network on 10.0.0.0/8 that I've got a guest network setup on that I'd like to bypass the WCCP.  Can anyone help with this config?
0
Comment
Question by:tbeasley123
2 Comments
 
LVL 12

Accepted Solution

by:
Henk van Achterberg earned 1000 total points
ID: 39675541
access-list wccp-traffic extended permit ip 10.0.0.0 255.0.0.0 any

wccp interface wifi web-cache redirect in
wccp interface wifi 70 redirect in
0
 
LVL 8

Assisted Solution

by:amatson78
amatson78 earned 1000 total points
ID: 39795717
If you want it to "BYPASS" redirection than you want to use a "Deny" statement not a permit as stated above. If the 10.0.0.0/8 network is on the same interface then you need to edit that set of access rules:

# config t
# access-list wccp-traffic extended line 2 ip 10.0.0.0 255.0.0.0 any <options>

Open in new window


This will insert the deny into line 2 of the access list and move the rest down placing it above any of the "Permit" statements which is how an ACL should properly be built.
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
Let’s face it: one of the reasons your organization chose a SaaS solution (whether Microsoft Dynamics 365, Netsuite or SAP) is that it is subscription-based. The upkeep is done. Or so you think.
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.
Suggested Courses
Course of the Month14 days, 20 hours left to enroll

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question