12-26-2011 09:00 AM
I am planing put PAN Device on vwire mode just before traffic reach their Proxy solution. Traffic redirect using WCCP web traffic from Cisoc switch to Cisco Ironport.The Proxy device only has one NIC interface.In this secenario What we will see? Only WCCP traffic, or Web traffic, from Switch to Proxy, and Web responses from Proxy to Switch, where only Proxy IP is showed as source IP or can wee see all the user traffic.
12-27-2011 06:52 PM
I haven't worked with WCCP myself, but we do have app-ids for web-browsing, http-proxy and wccp. So one recommendation you can do is to start with allowing these applications through and then check your traffic logs. That should tell you what applications in particular you should be concerned with and then apply your rules accordingly.
Hope this helps.
12-27-2011 08:07 PM
My concern is that if i position the Firewall between WCCP traffic(Here core and ironport), can i see the other web traffic.We need confirmation on this Any one tried this
12-28-2011 03:53 AM
When router redirects traffic to proxy using WCCP, encapsulates packets in GRE so you will only see GRE traffic.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!