Re: [squid-users] Setup wccp2 with squid3 and cisco switch 4507

Thu, 15 Dec 2016 03:16:27 -0800 


15.12.2016 4:23, André Bolinhas пишет:


Hi,

In this case, using L2 I don’t need to create a GRE tunnel?


Exactly.


Also need to use HTTP_PORT 3128 intercept ?


As documented in wiki's article.


Wish iptables I need to create?


I know nothing about iptables. I'm not Linux-fanboy.


Best regards


*From:*squid-users [mailto:squid-users-boun...@lists.squid-cache.org] 
*On Behalf Of *Yuri Voinov

*Sent:* quarta-feira, 14 de dezembro de 2016 16:02
*To:* squid-users@lists.squid-cache.org
*Subject:* Re: [squid-users] Setup wccp2 with squid3 and cisco switch 4507

May be, this could help you:

http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2

14.12.2016 21:46, André Bolinhas пишет:

    Hi,

    I need to setup wccp2 between my Squid3 box and my cisco switch 4507

    Since my 4507 don't support GRE on forward methoding I need to
    configure the the wccp with L2.

    My squid.conf

    http_port 3129 intercept

    wccp2_router $IP-OF-ROUTER

    wccp2_forwarding_method l2

    wccp2_return_method l2

    My question is, in GRE method I need to create a GRE tunnel like this

    modprobe ip_gre

    ip tunnel add wccp0 mode gre remote $ASA-EXT-IP local $SQUID-IP
    dev eth0

    ifconfig wccp0 $SQUID-IP netmask 255.255.255.255 up

    echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter

    echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter

    echo 1 >/proc/sys/net/ipv4/ip_forward

    iptables -t nat -A PREROUTING -i wccp0 -p tcp --dport 80 -j
    REDIRECT --to-port 3129

    iptables -t nat -A POSTROUTING -j MASQUERADE

    In L2 method the configuration is the same (tunnel, sysctl,
    iptables..) ? if not can you help me to configure it (tunnel,
    sysctl, iptables..).

    Also in switch what's ACL I need to create?

    Best regard




    _______________________________________________

    squid-users mailing list

    squid-users@lists.squid-cache.org
    <mailto:squid-users@lists.squid-cache.org>

    http://lists.squid-cache.org/listinfo/squid-users

--
Cats - delicious. You just do not know how to cook them.




_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users






















					Reply via email to