Товарищи, уважаемые если кто знает подскажите как сделать!!!! Три дня уже ведёться неравный бой!
Исходные данные:
1. Cisco 2811 2 FE порта
Код: Выделить всё
Router#sh ver
Cisco IOS Software, 2800 Software (C2800NM-ADVENTERPRISEK9-M), Version 12.4(15)T, RELEASE SOFTWARE (fc3)
Код: Выделить всё
FreeBSD# uname -v
FreeBSD 6.1-RELEASE-p19 #1
ЗАДАЧА настроить прозрачное проксирование с использование SQUID и WCCP через Cisco.
Конфиг Cisco
Код: Выделить всё
Current configuration : 4481 bytes
!
version 12.4
!
ip wccp version 1
ip wccp web-cache redirect-list 5
!
!
no ip cef
!
!
!
interface Null0
no ip unreachables
!
interface FastEthernet0/0
description $FW_INSIDE$$ETH-LAN$
ip address 192.168.0.99 255.255.255.0
ip access-group 102 in
no ip redirects
no ip unreachables
no ip proxy-arp
ip wccp web-cache redirect out
ip nat inside
ip virtual-reassembly
ip route-cache flow
ip policy route-map all-out
duplex auto
speed auto
no cdp enable
no mop enabled
!
interface FastEthernet0/1
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip virtual-reassembly
ip route-cache flow
duplex full
speed auto
no mop enabled
!
interface FastEthernet0/1.1
description $FW_INSIDE$
encapsulation dot1Q 2
ip address 111.222.333.444 255.255.255.248
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip policy route-map map-nc
!
interface FastEthernet0/1.2
encapsulation dot1Q 3
ip address 555.666.777.888 255.255.255.192
no ip redirects
no ip unreachables
no ip proxy-arp
ip nat outside
ip virtual-reassembly
ip policy route-map map-sol
!
access-list 5 deny 192.168.0.5
access-list 5 permit any
!
end
Показания маршрутизатора после настройки WCCP
Код: Выделить всё
Router#sh ip wccp web-cache
Global WCCP information:
Router information:
Router Identifier: 192.168.0.99
Protocol Version: 1.0
Service Identifier: web-cache
Number of Service Group Clients: 1
Number of Service Group Routers: 1
Total Packets s/w Redirected: 0
Process: 0
Fast: 0
CEF: 0
Redirect access-list: 5
Total Packets Denied Redirect: 0
Total Packets Unassigned: 0
Group access-list: -none-
Total Messages Denied to Group: 0
Total Authentication failures: 0
Router#sh ip wccp web-cache detail
WCCP Client information:
WCCP Client ID: 192.168.0.5
Protocol Version: 0.4
State: Usable
Initial Hash Info: 00000000000000000000000000000000
00000000000000000000000000000000
Assigned Hash Info: FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF
Hash Allotment: 256 (100.00%)
Packets s/w Redirected: 0
Connect Time: 00:40:28
Router#sh ip wccp web-cache view
WCCP Routers Informed of:
-none-
WCCP Clients Visible:
192.168.0.5
WCCP Clients NOT Visible:
-none-
Код: Выделить всё
http_port 192.168.0.5:3128 transparent
wccp_router 192.168.0.99
wccp_version 4
wccp2_rebuild_wait on
wccp2_forwarding_method 1
wccp2_return_method 1
wccp_address 192.168.0.5
Код: Выделить всё
FreeBSD# ifconfig -a
gre0: flags=b151<UP,POINTOPOINT,RUNNING,PROMISC,LINK0,LINK1,MULTICAST> mtu 1476
tunnel inet 192.168.0.5 --> 192.168.0.99
inet6 fe80::2e0:18ff:fe22:39de%gre0 prefixlen 64 scopeid 0x4
inet 192.168.0.5 --> 10.0.0.1 netmask 0xffffffff
Код: Выделить всё
ipfw add 400 fwd 192.168.0.5,3128 tcp from any to any 80 in recv gre0




Примено где то так! Любые мысли приветствуються!