[squid-users] Setup wccp2 with squid3 and cisco switch 4507
André Bolinhas
andre.bolinhas at articatech.com
Wed Dec 14 22:23:57 UTC 2016
Hi,
In this case, using L2 I don’t need to create a GRE tunnel?
Also need to use HTTP_PORT 3128 intercept ?
Wish iptables I need to create?
Best regards
From: squid-users [mailto:squid-users-bounces at lists.squid-cache.org] On Behalf Of Yuri Voinov
Sent: quarta-feira, 14 de dezembro de 2016 16:02
To: squid-users at lists.squid-cache.org
Subject: Re: [squid-users] Setup wccp2 with squid3 and cisco switch 4507
May be, this could help you:
http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
14.12.2016 21:46, André Bolinhas пишет:
Hi,
I need to setup wccp2 between my Squid3 box and my cisco switch 4507
Since my 4507 don't support GRE on forward methoding I need to configure the the wccp with L2.
My squid.conf
http_port 3129 intercept
wccp2_router $IP-OF-ROUTER
wccp2_forwarding_method l2
wccp2_return_method l2
My question is, in GRE method I need to create a GRE tunnel like this
modprobe ip_gre
ip tunnel add wccp0 mode gre remote $ASA-EXT-IP local $SQUID-IP dev eth0
ifconfig wccp0 $SQUID-IP netmask 255.255.255.255 up
echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
echo 1 >/proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i wccp0 -p tcp --dport 80 -j REDIRECT --to-port 3129
iptables -t nat -A POSTROUTING -j MASQUERADE
In L2 method the configuration is the same (tunnel, sysctl, iptables..) ? if not can you help me to configure it (tunnel, sysctl, iptables..).
Also in switch what's ACL I need to create?
Best regard
_______________________________________________
squid-users mailing list
squid-users at lists.squid-cache.org <mailto:squid-users at lists.squid-cache.org>
http://lists.squid-cache.org/listinfo/squid-users
--
Cats - delicious. You just do not know how to cook them.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161214/1cbffe6d/attachment.html>
More information about the squid-users
mailing list