Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: transparent proxy on cisco ASA5510 + squid

transparent proxy on cisco ASA5510 + squid 5 years 6 months ago #37019

  • eldo
  • eldo's Avatar
  • Offline
  • New Member
  • Posts: 7
  • Karma: 0
transparent proxy on cisco ASA5510 + squid


Hello,

I have configured transparent proxy on my cisco ASA5510 and also squid on Linux server by
theese manuals:
parvinderbhasin.blogspot.com/2009/06/squ...cisco-asa-setup.html
wiki.squid-cache.org/Features/Wccp2#Squid_box_OS_configuration
readlist.com/lists/squid-cache.org/squid-users/3/16930.html

but always recieved this logs on cisco ASA5510:

4|Jun 01 2011 14:47:40|313005: No matching connection for ICMP error message: icmp src servers:192.168.1.130 dst identity:212.89.229.2 (type 3, code 3) on servers interface. Original IP payload: <unknown>.
3|Jun 01 2011 14:47:40|313001: Denied ICMP type=3, code=3 from 192.168.1.130 on interface servers

when I'm trying to connect from workstation 192.168.1.164 to 194.160.23.22:80

Have you any idea what to do?

##################################################################
My config:

interface Ethernet0/0
nameif outside
security-level 0
ip address 212.89.x.x 255.255.255.x
ospf cost 10

access-list outside-acl-in extended permit icmp any any

interface Ethernet0/1.20
vlan 20
nameif servers
security-level 90
ip address 192.168.1.1 255.255.255.0

access-list servers-acl-in extended permit icmp any any


wccp web-cache
wccp interface servers web-cache redirect in
##################################################################
Debug:

asa5510# sh wccp web-cache

Global WCCP information:
Router information:
Router Identifier: 212.89.x.x - router public IP
Protocol Version: 2.0

Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 0
Redirect access-list: -none-
Total Connections Denied Redirect: 0
Total Packets Unassigned: 8
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0


asa5510# sh wccp web-cache detail

WCCP Cache-Engine information:
Web Cache ID: 192.168.1.130 - my squid
Protocol Version: 2.0
State: Usable
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets Redirected: 2
Connect Time: 00:00:30
##################################################################

Thanks eldo
The administrator has disabled public write access.
Time to create page: 0.075 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup