Environment:
Squid server: Ubuntu 8.10 Server Edition IP Address:192.168.50.100/24
ASA5510: E0/1 inside IP Address:192.168.50.1/24
Local Network: 10.1.0.0/16
1. ASA WCCP Configuration
ASAconfig)#access-list PROXY extended permit 10.1.0.0 255.255.0.0 any eq www
ASAconfig)# wccp web-cache redirect-list PROXY
ASA(config)# wccp interface inside web-cache redirect in
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method 1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_mem 256MB
cache_dir ufs /var/spool/squid 10240 16 256
3. Linux Server Configuration
root@ubuntu-squid:~# vi /etc/rc.local
#setup gre tunnel to ASA. Remote is the WCCP route identifier and local is the ip address of Squid
ip tunnel add wccp0 mode gre remote 192.168.50.1 local 192.168.50.100 dev eth0
ifconfig wccp0 inet 127.0.0.3 netmask 255.255.255.255 up
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/wccp0/rp_filter
iptables -F -t nat
iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.50.100:3128
4. Verify Configuration
ASA# sh wccp
Global WCCP information:
Router information:
Router Identifier: 192.168.50.1
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 7611
Redirect access-list: PROXY
本文出自 “edwardlee” 博客,请务必保留此出处http://edwardlee.blog.51cto.com/153979/174541
Cisco ASA 5510 and Squid with WCCPv2
社区:
