Cisco Cisco Web Security Appliance S670 Technical Manual
Contents
Introduction
Prerequisites
Requirements
Components Used
Configure
WSA Configuration
Sample ASA Configuration
Sample Switch Configuration (c3560)
Verify
Troubleshoot
Introduction
This document describes how to configure the Web Security Appliance (WSA) / Cisco Router in
order to support transparent redirection of HTTP, HTTPS, and Native FTP traffic with Web Cache
Communication Protocol (WCCP).
order to support transparent redirection of HTTP, HTTPS, and Native FTP traffic with Web Cache
Communication Protocol (WCCP).
Prerequisites
Requirements
There are no specific requirements for this document.
Components Used
The information in this document is based on these software and hardware versions:
Cisco Web Security Appliance that runs AsyncOS Version 6.0 or later
●
Native FTP proxy enabled on WSA
●
WCCPv2 compatible Cisco Router/Switch or ASA Firewall
●
The information in this document was created from the devices in a specific lab environment. All of
the devices used in this document started with a cleared (default) configuration. If your network is
live, make sure that you understand the potential impact of any command.
the devices used in this document started with a cleared (default) configuration. If your network is
live, make sure that you understand the potential impact of any command.
Configure
When Native FTP traffic is redirected transparently to the WSA, the WSA typically receives the
traffic on the standard FTP port 21. Hence, the Native FTP proxy on the WSA should listen on port
21 (by default the native FTP proxy is 8021). In the GUI, choose Security Services > FTP Proxy
for verification.
traffic on the standard FTP port 21. Hence, the Native FTP proxy on the WSA should listen on port
21 (by default the native FTP proxy is 8021). In the GUI, choose Security Services > FTP Proxy
for verification.
WSA Configuration