Hi guys, I was just wondering if anyone's configured a squid proxy using WCCP and a linux server. I cant seem to work out how to install/integrate wccp when installing squid.
In other words, is WCCP/WCCPv2 installed separately? If so, how? Or do you just do something like --enable-wccp during build? The latter didn't seem to work for me as after installation i did a squid -v | grep -i wccp and got nothing
I've never used WCCP and just read about it - it seems really interesting! While I haven't had any experience on this, I did some research and found the following website which seems to have some useful information, take a look at it and let us know if it helped :
Have you any experience redirecting http requests to a Cisco router on a LAN to a proxy server on the Internet? Have seen a few threads using Policy-Based Routing but can't get it working. Is it "good practise" to have your proxy locally or remotely or it doesn;t really matter.
P.S: installing it on Ubuntu 11.04
"...you are never too old to learn" anon
Re: Transparent Proxy - Cisco Policy Based Routing
6 years 7 months ago #37832
I always configure the proxy locally and rarely use Cisco Policy Base Routing for this purpose, however I believe it can be done.
What you can do is configure the router to accept HTTP packets only from the proxy, that way 'smart' clients removing their proxy from the browser's settings will be left without Internet and forced to use the proxy.
Alternatively as you mentioned, policy based routing (PBR)is another solution.
If you have any problems with PBR, let us know so we can help you with the configuration.
p.s PBR is extremely powerful - if you haven't played with it, I highly suggest you try it as it can be used in many different scenarios.
I have put WCCP with Squid on hold for the moment as my IOS doesn't support it.
Tried using PBR without luck. I suspect my access lists are conflicting as I can see matches. Also, the proxy listens on port 3128 so I'm not sure whether to use a static NAT or not?
I will post the config as soon as I can but it's something like this
Description WAN interface
ip address 192.168.x.x 255.255.255.0
ip access-group 101 out
access-list 101 permit tcp any any eq 80
access-list 101 permit tcp any any eq 443
access-list 101 permit tcp any any eq 25
access-list 101 permit tcp any any eq 110
access-list 103 deny tcp any any [b]neq[/b] www
access-list 103 permit tcp any any
route-map PBR permit 10
match ip address 103
set ip next-hop <ip address of proxy server>
Description LAN interface
ip policy route-map PBR