Cisco Cisco Web Security Appliance S170 ユーザーガイド
2-23
AsyncOS 8.8 for Cisco Web Security Appliances User Guide
Chapter 2 Connect, Install, and Configure
Using the P2 Data Interface for Web Proxy Data
Step 3
Configure the WCCP options as described:
Table 2-9
WCCP Service Option
Description
Service Profile Name
The name for the WCCP service.
Note
If you leave this empty and choose a standard service (see below),
the name ‘web_cache’ is automatically assigned here.
the name ‘web_cache’ is automatically assigned here.
Service
The service group type for the router. Choose from:
Standard service. This service type is assigned a fixed ID of zero, a fixed
redirection method of by destination port, and a fixed destination port of 80.
You can create one standard service only. If a standard service already exists
on the appliance, this option is dimmed.
redirection method of by destination port, and a fixed destination port of 80.
You can create one standard service only. If a standard service already exists
on the appliance, this option is dimmed.
Dynamic service. This service type allows you to define a custom ID, port
numbers, and redirection and load balancing options. Enter the same
parameters when creating the service on the WCCP router as you entered for
the dynamic service.
numbers, and redirection and load balancing options. Enter the same
parameters when creating the service on the WCCP router as you entered for
the dynamic service.
If you create a dynamic service, enter the following information:
•
Service ID. Enter any number from 0 to 255 in the Dynamic Service ID
field.
field.
•
Port number(s). Enter up to eight port numbers for traffic to redirect in
the Port Numbers field.
the Port Numbers field.
•
Redirection basis. Choose to redirect traffic based on the source or
destination port. Default is destination port.
destination port. Default is destination port.
Note
To configure Native FTP with transparent redirection and IP
spoofing, choose Redirect based on source port (return path) and set
the source port to 13007.
spoofing, choose Redirect based on source port (return path) and set
the source port to 13007.
•
Load balancing basis. When the network uses multiple Web Security
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
Router IP Addresses
The IPv4 or IPv6 address for one or more WCCP enabled routers. Use each
router’s unique IP; you cannot enter a multicast address. You cannot mix
IPv4 and IPv6 addresses within a service group.
router’s unique IP; you cannot enter a multicast address. You cannot mix
IPv4 and IPv6 addresses within a service group.
Router Security
Specifies whether or not to require a password for this service group. If
enabled, every appliance and WCCP router that uses the service group must
use the same password.
enabled, every appliance and WCCP router that uses the service group must
use the same password.