- Posts: 7
- Thank you received: 0
transparent proxy on cisco ASA5510 + squid
13 years 6 months ago #37019
by eldo
transparent proxy on cisco ASA5510 + squid was created by eldo
transparent proxy on cisco ASA5510 + squid
Hello,
I have configured transparent proxy on my cisco ASA5510 and also squid on Linux server by
theese manuals:
parvinderbhasin.blogspot.com/2009/06/squ...cisco-asa-setup.html
wiki.squid-cache.org/Features/Wccp2#Squid_box_OS_configuration
readlist.com/lists/squid-cache.org/squid-users/3/16930.html
but always recieved this logs on cisco ASA5510:
4|Jun 01 2011 14:47:40|313005: No matching connection for ICMP error message: icmp src servers:192.168.1.130 dst identity:212.89.229.2 (type 3, code 3) on servers interface. Original IP payload: <unknown>.
3|Jun 01 2011 14:47:40|313001: Denied ICMP type=3, code=3 from 192.168.1.130 on interface servers
when I'm trying to connect from workstation 192.168.1.164 to 194.160.23.22:80
Have you any idea what to do?
##################################################################
My config:
interface Ethernet0/0
nameif outside
security-level 0
ip address 212.89.x.x 255.255.255.x
ospf cost 10
access-list outside-acl-in extended permit icmp any any
interface Ethernet0/1.20
vlan 20
nameif servers
security-level 90
ip address 192.168.1.1 255.255.255.0
access-list servers-acl-in extended permit icmp any any
wccp web-cache
wccp interface servers web-cache redirect in
##################################################################
Debug:
asa5510# sh wccp web-cache
Global WCCP information:
Router information:
Router Identifier: 212.89.x.x - router public IP
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 0
Redirect access-list: -none-
Total Connections Denied Redirect: 0
Total Packets Unassigned: 8
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
asa5510# sh wccp web-cache detail
WCCP Cache-Engine information:
Web Cache ID: 192.168.1.130 - my squid
Protocol Version: 2.0
State: Usable
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets Redirected: 2
Connect Time: 00:00:30
##################################################################
Thanks eldo
Hello,
I have configured transparent proxy on my cisco ASA5510 and also squid on Linux server by
theese manuals:
parvinderbhasin.blogspot.com/2009/06/squ...cisco-asa-setup.html
wiki.squid-cache.org/Features/Wccp2#Squid_box_OS_configuration
readlist.com/lists/squid-cache.org/squid-users/3/16930.html
but always recieved this logs on cisco ASA5510:
4|Jun 01 2011 14:47:40|313005: No matching connection for ICMP error message: icmp src servers:192.168.1.130 dst identity:212.89.229.2 (type 3, code 3) on servers interface. Original IP payload: <unknown>.
3|Jun 01 2011 14:47:40|313001: Denied ICMP type=3, code=3 from 192.168.1.130 on interface servers
when I'm trying to connect from workstation 192.168.1.164 to 194.160.23.22:80
Have you any idea what to do?
##################################################################
My config:
interface Ethernet0/0
nameif outside
security-level 0
ip address 212.89.x.x 255.255.255.x
ospf cost 10
access-list outside-acl-in extended permit icmp any any
interface Ethernet0/1.20
vlan 20
nameif servers
security-level 90
ip address 192.168.1.1 255.255.255.0
access-list servers-acl-in extended permit icmp any any
wccp web-cache
wccp interface servers web-cache redirect in
##################################################################
Debug:
asa5510# sh wccp web-cache
Global WCCP information:
Router information:
Router Identifier: 212.89.x.x - router public IP
Protocol Version: 2.0
Service Identifier: web-cache
Number of Cache Engines: 1
Number of routers: 1
Total Packets Redirected: 0
Redirect access-list: -none-
Total Connections Denied Redirect: 0
Total Packets Unassigned: 8
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Total Bypassed Packets Received: 0
asa5510# sh wccp web-cache detail
WCCP Cache-Engine information:
Web Cache ID: 192.168.1.130 - my squid
Protocol Version: 2.0
State: Usable
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets Redirected: 2
Connect Time: 00:00:30
##################################################################
Thanks eldo
Time to create page: 0.128 seconds