From: Scott Morris (swm@emanon.com)
Date: Fri Jul 29 2005 - 10:27:07 GMT-3
UDP 2048 s the controlling protocol
GRE is what the "spoofed" traffic actually traverses under.
So you'll need to permit both pieces. Although I don't think that will show
up on your lab! Just my opinion.
Scott
-----Original Message-----
From: nobody@groupstudy.com [mailto:nobody@groupstudy.com] On Behalf Of
gladston@br.ibm.com
Sent: Friday, July 29, 2005 8:59 AM
To: ccielab@groupstudy.com
Subject: WCCP and Security
Supposing we have these:
E0 -- inside hosts
E1 -- inside hosts
E2 -- cache engine
S0 -- connected to Internet
And ACL applied to E0 and E2. What traffic, related to WCCP, should be
allowed on E2 interface?
Just UDP port 2048?
(sorry, I do not have a cache available to confirm that it would be the
solution)
This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:32 GMT-3