Cisco Cisco Web Security Appliance S170 사용자 가이드
26-12
Cisco IronPort AsyncOS 7.5.7 for Web User Guide
Chapter 26 Configuring Network Settings
Configuring Transparent Redirection
Figure 26-5
Network > Transparent Redirection Page
On this page, you can choose the device that transparently redirects traffic to the appliance, either an
Layer 4 switch or a WCCP router. When you choose an Layer 4 switch as the device, there is nothing
else to configure on this page.
Layer 4 switch or a WCCP router. When you choose an Layer 4 switch as the device, there is nothing
else to configure on this page.
However, when you choose a WCCP router as the device, you must create at least one WCCP service.
Working with WCCP Services
A WCCP service is an appliance configuration that defines a service group to a WCCP v2 router. It
includes information such as the service ID and ports used. Service groups allow a web proxy to establish
connectivity with a WCCP router and to handle redirected traffic from the router.
includes information such as the service ID and ports used. Service groups allow a web proxy to establish
connectivity with a WCCP router and to handle redirected traffic from the router.
You can create WCCP services that use the following service types:
•
Standard service. The standard service is also known as a well known service because the
characteristics of it are known by both WCCP routers and the appliance. It redirects traffic on port
80. It is identified as the “web-cache” service.
characteristics of it are known by both WCCP routers and the appliance. It redirects traffic on port
80. It is identified as the “web-cache” service.
•
Dynamic service. Dynamic services are any other service a web proxy creates, but the web proxy
must describe the components of the service group to the router. AsyncOS supports the creation of
any dynamic service you choose to define. To create a dynamic service, you must provide the service
ID number, port numbers, and specify whether to redirect packets based on the destination or source
port and whether to distribute packets based on the client or server address.
must describe the components of the service group to the router. AsyncOS supports the creation of
any dynamic service you choose to define. To create a dynamic service, you must provide the service
ID number, port numbers, and specify whether to redirect packets based on the destination or source
port and whether to distribute packets based on the client or server address.
The Web Cache Communication Protocol allows 257 different service IDs. AsyncOS allows you to
create a dynamic WCCP service for each possible service ID. However, in typical usage, most users
create one or two WCCP services, where one is a standard service and the other a dynamic service.
create a dynamic WCCP service for each possible service ID. However, in typical usage, most users
create one or two WCCP services, where one is a standard service and the other a dynamic service.
When you create a WCCP service of any type, you must also specify the following information:
•
Assignment method. For more information, see
.
•
Forwarding and Return method. For more information, see
.
If you enable IP spoofing on the appliance, you must create two WCCP services. For more information,
see
see
.
Working with the Assignment Method
WCCP defines the assignment method as the method by which redirected packets are distributed
between web proxies. In this case, between one or more Web Security appliances. The assignment
method determines how the router performs load balancing of packets among multiple Web Security
appliances.
between web proxies. In this case, between one or more Web Security appliances. The assignment
method determines how the router performs load balancing of packets among multiple Web Security
appliances.