Cisco Cisco Web Security Appliance S170 사용자 가이드
25-14
Cisco IronPort AsyncOS 7.7.5 for Web User Guide
Chapter 25 Configuring Network Settings
Configuring Transparent Redirection
•
Router security and password
Note
Cisco suggests using a service ID number from 90 to 97 for the WCCP service used for the return path
(based on the source port).
(based on the source port).
For more information about creating WCCP services, see
Adding and Editing a WCCP Service
You must create at least one WCCP service when you configure the transparent redirection device as a
WCCP router. If IP spoofing is enabled on the appliance, you must create two WCCP services. For more
information about IP spoofing, see
WCCP router. If IP spoofing is enabled on the appliance, you must create two WCCP services. For more
information about IP spoofing, see
.
Step 1
Navigate to the Network > Transparent Redirection page.
Step 2
Verify the transparent redirection device is a WCCP v2 router. If it is not, click Edit Device to change it.
Step 3
To add a WCCP service, click Add Service. Or, to edit a WCCP service, click the name of the WCCP
service in the Service Profile Name column.
service in the Service Profile Name column.
Step 4
Configure the WCCP options.
describes the WCCP options.
Table 25-3
WCCP Service Options
WCCP Service Option
Description
Service Profile Name
Enter a name for the WCCP service.
Service
Use this section to describe the service group for the router.
Choose to create either a standard (“well known”) or dynamic service
group.
group.
If you create a dynamic service, enter the following information:
•
Service ID. Enter any number from 0 to 255 in the Dynamic Service
ID field.
ID field.
•
Port number(s). Enter up to eight port numbers for traffic to redirect
in the Port Numbers field.
in the Port Numbers field.
•
Redirection basis. Choose to redirect traffic based on the source or
destination port. Default is destination port.
destination port. Default is destination port.
•
Load balancing basis. When the network uses multiple Web Security
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
appliances, you can choose how to distribute packets among the
appliances. You can distribute packets based on the server or client
address. When you choose client address, packets from a client always
get distributed to the same appliance. Default is server address.
For more information about well known and dynamic service groups, see
Router IP Addresses
Enter the IP address for one or more WCCP enabled routers. You can enter
up to 32 routers to the service group. You must enter the IP address of each
router. You cannot enter a multicast address.
up to 32 routers to the service group. You must enter the IP address of each
router. You cannot enter a multicast address.