From: Huan Pham (pnhuan@yahoo.com)
Date: Sat Sep 06 2008 - 09:16:37 ART
You are almost there ;-))
You should deny http request between for the whole subnets VLAN X and Y, and
not between the IP addresses of the two router interface.
In addition, as your task is not to cache HTTP traffic BETWEEN the two VLAN,
you need to deny both directions. I guess, the solution should be (not
mentining other required commands to enable WCCP)
ip access-list extended WCCP
deny tcp 1.1.1.0 0.0.0.255 2.2.2.0 0.0.0.255 eq www
deny tcp 2.2.2.0 0.0.0.255 1.1.1.0 0.0.0.255 eq www
permit ip any any
ip wccp web-cache redirect-list WCCP
--- On Sat, 9/6/08, GAURAV MADAN <gauravmadan1177@gmail.com> wrote:
From: GAURAV MADAN <gauravmadan1177@gmail.com>
Subject: Re: wccp simple doubt
To: huan@huanlan.com
Cc: "CCIE Lab" <ccielab@groupstudy.com>
Date: Saturday, September 6, 2008, 9:57 PM
Thnx HUAN..
So the following should be ok ..
Extended IP access list WCCP
10 deny tcp host 1.1.1.1 host 2.2.2.2 eq www
20 permit ip any any
ip wccp web-cache redirect-list WCCP
Am i right now ?
Thnx
Gaurav Madan
On Sat, Sep 6, 2008 at 5:01 PM, Huan Pham <pnhuan@yahoo.com> wrote:
> Hi Gaurav,
>
> You use a wrong command. Check the configuration guide.
>
> Cisco IOS IP Application Services Configuration Guide, Release 12.4
> Configuring WCCP
>
>
http://www.cisco.com/en/US/docs/ios/ipapp/configuration/guide/ipapp_wccp_ps63
50_TSD_Products_Configuration_Guide_Chapter.html#wp1054978
>
>
> ip wccp web-cache group-list access-list
>
>
>
> This command (using a standard access list) notifies the router which IP
> addresses are valid addresses for a content engine attempting to register
> with the current router.
>
>
>
> ip wccp web-cache redirect-list access-list
>
>
>
> This command on the other hand disables caching for certain clients,
> servers, or client/server pairs. You can use standard or extended ACL to
> suit your need.
>
>
>
> --- On Sat, 9/6/08, GAURAV MADAN <gauravmadan1177@gmail.com> wrote:
>
> From: GAURAV MADAN <gauravmadan1177@gmail.com>
> Subject: wccp simple doubt
> To: "Cisco certification" <ccielab@groupstudy.com>
> Date: Saturday, September 6, 2008, 8:10 PM
>
> Hi GS
> I have a simple doubt in WCCP access-group.
> Following is my setup .
> vlan y
> |
> | f0/1
> vlan X =====f0/0= R1
> F0/0 1.1.1.1
> F0/1 2.2.2.2
> My task wants : dont attempt to cache http traffic between vlan x and vlan
> y.
> I did it as :
> Standard IP access list WCCP
> 10 deny 1.1.1.1
> 20 deny 2.2.2.2
> 30 permit any
> ip wccp web-cache group-list WCCP
> MY DOUBT
> ***************
> since we can only give standard access-li in group-list option .. is
> above config valid for my case ?
> My worry is : " how do we take care of not caching traffic BETWEEN
> vlan x and vlan y "
> Kindly suggest
> Thnx
> Gaurav Madan
> Blogs and organic groups at http://www.ccie.net
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
This archive was generated by hypermail 2.1.4 : Sat Oct 04 2008 - 09:26:17 ART