cancel
Showing results for 
Search instead for 
Did you mean: 

How to work with WCCP v2?

Sakkarin_Westco
Altostratus
Altostratus

Hi All

   I have APM module and SWG and need to redirect traffic from Cisco L3 switch but can't work. Please suggest me.Screen Shot 2565-05-09 at 20.27.16.pngScreen Shot 2565-05-09 at 20.27.10.png

 

2 REPLIES 2

When you mean it does not work have you done packet capture on the F5 after following article https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-secure-web-gateway-13-1-0/3... to see if the traffic is reaching the F5 device first and if F5 is returning a reply? You need to do a little investigation:

 

https://support.f5.com/csp/article/K13637

 

After that you need to set the SWG as a transperant proxy as if it was explicit you wouldn't need WCCP in the first place:

 

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-secure-web-gateway-13-1-0/3...

 

 

Extra Article for another F5 module but it is the same for APM:

 

https://techdocs.f5.com/kb/en-us/products/big-ip-aam/manuals/product/aam-network-configuration-11-6-...

Where did  he say it is Palo Alto Firewall as he mentioned Cisco and Cisco support WCCP ? Also PA needs to do SSL decryption as I also worked with PA it has issues with SSL decryption as it is not made to be a proxy device and it can't handle a lot of SSL traffic. There newer models PA that have SSL hardware but I have not tested them and for SSL decryption in many cases the F5 SSL orchestrator can be used to send the traffic to PA as HTTP and the SSL orchestrator has some of the functions of F5 SWG, so it can be a nice replacement that can be used together with PA.