Cisco Cisco Web Security Appliance S670 Guide De Dépannage
Question:
How do I configure WCCP to bypass my Intranet sites?
The easiest way to bypass internal websites is to set up a redirect−list on the switch/router which excludes the
internal destination addresses from redirection.
internal destination addresses from redirection.
On a Cisco platform, you just create an access list to deny the internal address ranges (as the destination) and
then permit the rest of the traffic. This list is then added to the wccp statement using the "redirect−list"
keyword.
then permit the rest of the traffic. This list is then added to the wccp statement using the "redirect−list"
keyword.
Example that denies WCCP redirection for all RFC1918 addresses
access−list 110 deny ip any 10.0.0.0 0.255.255.255
access−list 110 deny ip any 172.16.0.0 0.15.255.255
access−list 110 deny ip any 192.168.0.0 0.0.255.255
access−list 110 permit ip any any
access−list 110 deny ip any 172.16.0.0 0.15.255.255
access−list 110 deny ip any 192.168.0.0 0.0.255.255
access−list 110 permit ip any any
ip wccp web−cache redirect−list 110
ip wccp 90 redirect−list 110
ip wccp 90 redirect−list 110
This example uses the service groups of "web−cache" and "90". You would just need to modify this to match
whatever service group(s) you are using.
whatever service group(s) you are using.
Updated: Jul 16, 2014
Document ID: 117983