[squid-users] Setup wccp2 with squid3 and cisco switch 4507

Yuri yvoinov at gmail.com
Thu Dec 15 11:16:12 UTC 2016 


15.12.2016 4:23, André Bolinhas пишет:
>
> Hi,
>
> In this case, using L2 I don’t need to create a GRE tunnel?
>
Exactly.
>
> Also need to use HTTP_PORT 3128 intercept ?
>
As documented in wiki's article.
>
> Wish iptables I need to create?
>
I know nothing about iptables. I'm not Linux-fanboy.
>
> Best regards
>
> *From:*squid-users [mailto:squid-users-bounces at lists.squid-cache.org] 
> *On Behalf Of *Yuri Voinov
> *Sent:* quarta-feira, 14 de dezembro de 2016 16:02
> *To:* squid-users at lists.squid-cache.org
> *Subject:* Re: [squid-users] Setup wccp2 with squid3 and cisco switch 4507
>
> May be, this could help you:
>
> http://wiki.squid-cache.org/ConfigExamples/Intercept/CiscoIOSv15Wccp2
>
> 14.12.2016 21:46, André Bolinhas пишет:
>
>     Hi,
>
>     I need to setup wccp2 between my Squid3 box and my cisco switch 4507
>
>     Since my 4507 don't support GRE on forward methoding I need to
>     configure the the wccp with L2.
>
>     My squid.conf
>
>     http_port 3129 intercept
>
>     wccp2_router $IP-OF-ROUTER
>
>     wccp2_forwarding_method l2
>
>     wccp2_return_method l2
>
>     My question is, in GRE method I need to create a GRE tunnel like this
>
>     modprobe ip_gre
>
>     ip tunnel add wccp0 mode gre remote $ASA-EXT-IP local $SQUID-IP
>     dev eth0
>
>     ifconfig wccp0 $SQUID-IP netmask 255.255.255.255 up
>
>     echo 0 >/proc/sys/net/ipv4/conf/wccp0/rp_filter
>
>     echo 0 >/proc/sys/net/ipv4/conf/eth0/rp_filter
>
>     echo 1 >/proc/sys/net/ipv4/ip_forward
>
>     iptables -t nat -A PREROUTING -i wccp0 -p tcp --dport 80 -j
>     REDIRECT --to-port 3129
>
>     iptables -t nat -A POSTROUTING -j MASQUERADE
>
>     In L2 method the configuration is the same (tunnel, sysctl,
>     iptables..) ? if not can you help me to configure it (tunnel,
>     sysctl, iptables..).
>
>     Also in switch what's ACL I need to create?
>
>     Best regard
>
>
>
>
>     _______________________________________________
>
>     squid-users mailing list
>
>     squid-users at lists.squid-cache.org
>     <mailto:squid-users at lists.squid-cache.org>
>
>     http://lists.squid-cache.org/listinfo/squid-users
>
> -- 
> Cats - delicious. You just do not know how to cook them.
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squid-cache.org/pipermail/squid-users/attachments/20161215/d0569e57/attachment.html>

More information about the squid-users mailing list