How to work with WCCP v2?

Sakkarin_Westco · ‎09-May-2022

Hi All

I have APM module and SWG and need to redirect traffic from Cisco L3 switch but can't work. Please suggest me.

Nikoolayy1 · ‎09-May-2022

When you mean it does not work have you done packet capture on the F5 after following article https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-secure-web-gateway-13-1-0/3... to see if the traffic is reaching the F5 device first and if F5 is returning a reply? You need to do a little investigation:

https://support.f5.com/csp/article/K13637

After that you need to set the SWG as a transperant proxy as if it was explicit you wouldn't need WCCP in the first place:

https://techdocs.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-secure-web-gateway-13-1-0/3...

Extra Article for another F5 module but it is the same for APM:

https://techdocs.f5.com/kb/en-us/products/big-ip-aam/manuals/product/aam-network-configuration-11-6-...

Nikoolayy1 · ‎11-May-2022

Where did he say it is Palo Alto Firewall as he mentioned Cisco and Cisco support WCCP ? Also PA needs to do SSL decryption as I also worked with PA it has issues with SSL decryption as it is not made to be a proxy device and it can't handle a lot of SSL traffic. There newer models PA that have SSL hardware but I have not tested them and for SSL decryption in many cases the F5 SSL orchestrator can be used to send the traffic to PA as HTTP and the SSL orchestrator has some of the functions of F5 SWG, so it can be a nice replacement that can be used together with PA.

DevCentral

How to work with WCCP v2?

Khoros Kudos Award 2022