Cisco Cisco Web Security Appliance S670 User Guide
2-20
AsyncOS 9.1 for Cisco Web Security Appliances User Guide
Chapter 2 Connect, Install, and Configure
Using the P2 Data Interface for Web Proxy Data
Service
The service group type for the router. Choose from:
Standard service. This service type is assigned a fixed ID of zero, a fixed
redirection method of by destination port, and a fixed destination port of 80.
You can create one standard service only. If a standard service already exists
on the appliance, this option is dimmed.
redirection method of by destination port, and a fixed destination port of 80.
You can create one standard service only. If a standard service already exists
on the appliance, this option is dimmed.
Dynamic service. This service type allows you to define a custom ID, port
numbers, and redirection and load balancing options. Enter the same
parameters when creating the service on the WCCP router as you entered for
the dynamic service.
numbers, and redirection and load balancing options. Enter the same
parameters when creating the service on the WCCP router as you entered for
the dynamic service.
If you create a dynamic service, enter the following information:
•
Service ID. Enter any number from 0 to 255 in the Dynamic Service
ID field.
ID field.
•
Port number(s). Enter up to eight port numbers for traffic to redirect in
the Port Numbers field.
the Port Numbers field.
•
Redirection basis. Choose to redirect traffic based on the source or
destination port. Default is destination port.
destination port. Default is destination port.
Note
To configure Native FTP with transparent redirection and IP
spoofing, choose Redirect based on source port (return path) and set
the source port to 13007.
spoofing, choose Redirect based on source port (return path) and set
the source port to 13007.
•
Load balancing basis. When the network uses multiple Web Security
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
Router IP Addresses
The IPv4 or IPv6 address for one or more WCCP enabled routers. Use each
router’s unique IP; you cannot enter a multicast address. You cannot mix
IPv4 and IPv6 addresses within a service group.
router’s unique IP; you cannot enter a multicast address. You cannot mix
IPv4 and IPv6 addresses within a service group.
Router Security
Specifies whether or not to require a passphrase for this service group. If
enabled, every appliance and WCCP router that uses the service group must
use the same passphrase.
enabled, every appliance and WCCP router that uses the service group must
use the same passphrase.
WCCP Service Option
Description