- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
04-15-2010 02:24 AM
Hi All.
Yesterday we tried to put PAN Device on a POC with a customer just before traffic reach their Proxy solution. Customer redirect using WCCP web traffic from router to Proxy and we used a PAN port on Palo Alto to receive that WCCP traffic. The Proxy device only has one NIC interface, so at TAP port of PAN we should see WCCP traffic redirect from Router to Proxy, and Proxy responses to Router.
What did we see? Only WCCP traffic, not Web traffic, from Router to Proxy, and Web responses from Proxy to Router, where only Proxy IP is showed as source IP.
Is WCCP encapsulating web traffic when redirecting to Proxy? I have seen that WCCP could use GRE, so maybe in that case HTTP traffic cannot be seen by PAN Device. Router brand is CISCO
It should be supported that configuration. I know that PAN cannot use WCCP to forward traffic to a proxy.
If we connect a Laptop with WireShark/Ethereal we can see al traffic, web and WCCP, with users as Source IP.
We used last Threat and App Update and 3.0.6 PANOS version.
Thank you.
04-15-2010 04:45 PM
It may be best to contct Support with this one. WCCP is not encrypting HTTP traffic, but because the PAN is in tap mode, they'd need to look at the logs to verify the traffic flow.
04-19-2010 06:06 AM
Ok, we'll do that.
Thanks.
04-27-2022 02:28 AM
May I know the result after contact support?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!