Cisco Cisco Web Security Appliance S670 Mode D'Emploi
480
I R O N P O R T A S Y N C O S 6 . 3 F O R W E B U S E R G U I D E
Service
Use this section to describe the service group for the router.
Choose to create either a standard (“well known”) or dynamic
service group.
If you create a dynamic service, enter the following information:
• Service ID. Enter any number from 0 to 255 in the Dynamic
Choose to create either a standard (“well known”) or dynamic
service group.
If you create a dynamic service, enter the following information:
• Service ID. Enter any number from 0 to 255 in the Dynamic
Service ID field.
• Port number(s). Enter up to eight port numbers for traffic to
redirect in the Port Numbers field.
• Redirection basis. Choose to redirect traffic based on the source
or destination port. Default is destination port.
• Load balancing basis. When the network uses multiple Web
Security appliances, you can choose how to distribute packets
among the appliances. You can distribute packets based on the
server or client address. When you choose client address,
packets from a client always get distributed to the same
appliance. Default is server address.
among the appliances. You can distribute packets based on the
server or client address. When you choose client address,
packets from a client always get distributed to the same
appliance. Default is server address.
For more information about well known and dynamic service
groups, see “Working with WCCP Services” on page 475.
groups, see “Working with WCCP Services” on page 475.
Router IP Addresses
Enter the IP address for one or more WCCP enabled routers. You
can enter up to 32 routers to the service group. You must enter the
IP address of each router. You cannot enter a multicast address.
can enter up to 32 routers to the service group. You must enter the
IP address of each router. You cannot enter a multicast address.
Router Security
Choose whether or not to require a password for this service
group. If required, enter the password in the password fields. The
password can contain up to seven characters.
When you enable security for a service group, every appliance
and WCCP router that uses the service group must use the same
password.
Requiring a password enables you to control which routers and
WCCP-enabled systems, such as the Web Security appliance,
become part of the service group.
WCCP uses the MD5 hash protocol to encrypt the password.
Note — Each appliance or WCCP router in the service group
authenticate the security component in a received WCCP packet
immediately after validating the WCCP message header. Packets
failing authentication are discarded.
group. If required, enter the password in the password fields. The
password can contain up to seven characters.
When you enable security for a service group, every appliance
and WCCP router that uses the service group must use the same
password.
Requiring a password enables you to control which routers and
WCCP-enabled systems, such as the Web Security appliance,
become part of the service group.
WCCP uses the MD5 hash protocol to encrypt the password.
Note — Each appliance or WCCP router in the service group
authenticate the security component in a received WCCP packet
immediately after validating the WCCP message header. Packets
failing authentication are discarded.
Table 21-3 WCCP Service Options (Continued)
WCCP Service Option
Description