WCCP - WS-C4510R+E / WS-X45-SUP7-E

Problemy z zakresu security (VPN, firewall, IDS/IPS itp.)

Moderatorzy: mikrobi, aron, garfield, gangrena, Seba, Wojtachinho

Wiadomość
Autor
goglas
member
member
Posty: 20
Rejestracja: 20 paź 2010, 21:58

WCCP - WS-C4510R+E / WS-X45-SUP7-E

#1

#1 Post autor: goglas » 11 lip 2018, 12:41

czesc

Problem, ktory mam wydaje sie trywialny a walcze z nim juz dlugo.

WCCP nie przekierowuje calego ruchu - bardzo malo to sieciowe okreslenie ale innego nie znalazlem.

Sytuacja wyglada tak, ze dopiero po kilkukrotnym odswizeniu strony ruch jest przekazywany do proxy (Forcepoint) I zaczyna dzialac.

Konfig ponizej:

Kod: Zaznacz cały

 ip access-list standard WS_PROXY
 permit 10.230.2.43

 ip access-list extended WS_REDIRECT
 deny ip any host 10.230.2.43
 deny ip any 10.0.0.0 0.255.255.255
 deny ip any 172.16.0.0 0.15.255.255
 deny ip any 192.168.0.0 0.0.255.255
 permit tcp host 10.230.0.154 any eq www
 permit tcp host 10.230.0.154 any eq 443
 !

 ip wccp check services all
 ip wccp source-interface Vlan531
 ip wccp 90 redirect-list WS_REDIRECT group-list WS_PROXY


 interface Vlan5
 ...
 ip wccp 90 redirect in
 ...
 end


 WCCP version 2 enabled, 1 service

 Service Clients Routers Assign Redirect Bypass
 ------- ------- ------- ------ -------- ------
 Default routing table (Router Id: 10.252.31.3):
 90 1 1 MASK L2 L2


 WCCP service information definition:
 Type: Dynamic
 Id: 90
 Priority: 255
 Protocol: 6
 Options: 0x00000012
 --------
 Mask/Value sets: 1
 Value elements : 64
 Dst Ports: 80 443 0 0 0 0 0 0

Co przegapilem ? Z gory dzieki z pomoc.
Ostatnio zmieniony 11 lip 2018, 12:51 przez goglas, łącznie zmieniany 1 raz.

Awatar użytkownika
konradrz
CCIE
CCIE
Posty: 328
Rejestracja: 23 sty 2008, 14:21
Lokalizacja: Singapore, SG
Kontakt:

Re: WCCP - WS-C4510R+E / WS-X45-SUP7-E

#2

#2 Post autor: konradrz » 11 lip 2018, 13:50

A proxy dobrze się komunikuje? Jakieś logi na tym Forcepoint?
Sprawdź

Kod: Zaznacz cały

debug ip wccp packets
debug ip wccp events
show ip wccp web-cache view 
show ip wccp web-cache detail
Też może się przydać design i best practices (i wiem że to dla 6500).

goglas
member
member
Posty: 20
Rejestracja: 20 paź 2010, 21:58

Re: WCCP - WS-C4510R+E / WS-X45-SUP7-E

#3

#3 Post autor: goglas » 17 lip 2018, 14:03

Kod: Zaznacz cały

show ip wccp 90 view 
    WCCP Routers Informed of:
        10.252.31.3

    WCCP Clients Visible:
        10.230.2.43

    WCCP Clients NOT Visible:
        -none-

Kod: Zaznacz cały

show ip wccp 90 detail 
WCCP Client information:
        WCCP Client ID:          10.230.2.43
        Protocol Version:        2.0
        State:                   Usable
        Redirection:             L2
        Packet Return:           L2
        Assignment:              MASK
        Connect Time:            6d04h
        Redirected Packets:
          Process:               0
          CEF:                   0
          Platform:              464540
        GRE Bypassed Packets:
          Process:               0
          CEF:                   0
          Platform:              0
        Mask Allotment:          64 of 64 (100.00%)

        Mask  SrcAddr    DstAddr    SrcPort DstPort
        ----  -------    -------    ------- -------
        0000: 0x00000000 0x00001741 0x0000  0x0000

        Value SrcAddr    DstAddr    SrcPort DstPort
        ----- -------    -------    ------- -------
        0000: 0x00000000 0x00000000 0x0000  0x0000
        0001: 0x00000000 0x00000001 0x0000  0x0000
        0002: 0x00000000 0x00000040 0x0000  0x0000
        0003: 0x00000000 0x00000041 0x0000  0x0000
        0004: 0x00000000 0x00000100 0x0000  0x0000
        0005: 0x00000000 0x00000101 0x0000  0x0000
        0006: 0x00000000 0x00000140 0x0000  0x0000
        0007: 0x00000000 0x00000141 0x0000  0x0000
        0008: 0x00000000 0x00000200 0x0000  0x0000
        0009: 0x00000000 0x00000201 0x0000  0x0000
        0010: 0x00000000 0x00000240 0x0000  0x0000
        0011: 0x00000000 0x00000241 0x0000  0x0000
        0012: 0x00000000 0x00000300 0x0000  0x0000
        0013: 0x00000000 0x00000301 0x0000  0x0000
        0014: 0x00000000 0x00000340 0x0000  0x0000
        0015: 0x00000000 0x00000341 0x0000  0x0000
        0016: 0x00000000 0x00000400 0x0000  0x0000
        0017: 0x00000000 0x00000401 0x0000  0x0000
        0018: 0x00000000 0x00000440 0x0000  0x0000
        0019: 0x00000000 0x00000441 0x0000  0x0000
        0020: 0x00000000 0x00000500 0x0000  0x0000
        0021: 0x00000000 0x00000501 0x0000  0x0000
        0022: 0x00000000 0x00000540 0x0000  0x0000
        0023: 0x00000000 0x00000541 0x0000  0x0000
        0024: 0x00000000 0x00000600 0x0000  0x0000
        0025: 0x00000000 0x00000601 0x0000  0x0000
        0026: 0x00000000 0x00000640 0x0000  0x0000
        0027: 0x00000000 0x00000641 0x0000  0x0000
        0028: 0x00000000 0x00000700 0x0000  0x0000
        0029: 0x00000000 0x00000701 0x0000  0x0000
        0030: 0x00000000 0x00000740 0x0000  0x0000
        0031: 0x00000000 0x00000741 0x0000  0x0000
        0032: 0x00000000 0x00001000 0x0000  0x0000
        0033: 0x00000000 0x00001001 0x0000  0x0000
        0034: 0x00000000 0x00001040 0x0000  0x0000
        0035: 0x00000000 0x00001041 0x0000  0x0000
        0036: 0x00000000 0x00001100 0x0000  0x0000
        0037: 0x00000000 0x00001101 0x0000  0x0000
        0038: 0x00000000 0x00001140 0x0000  0x0000
        0039: 0x00000000 0x00001141 0x0000  0x0000
        0040: 0x00000000 0x00001200 0x0000  0x0000
        0041: 0x00000000 0x00001201 0x0000  0x0000
        0042: 0x00000000 0x00001240 0x0000  0x0000
        0043: 0x00000000 0x00001241 0x0000  0x0000
        0044: 0x00000000 0x00001300 0x0000  0x0000
        0045: 0x00000000 0x00001301 0x0000  0x0000
        0046: 0x00000000 0x00001340 0x0000  0x0000
        0047: 0x00000000 0x00001341 0x0000  0x0000
        0048: 0x00000000 0x00001400 0x0000  0x0000
        0049: 0x00000000 0x00001401 0x0000  0x0000
        0050: 0x00000000 0x00001440 0x0000  0x0000
        0051: 0x00000000 0x00001441 0x0000  0x0000
        0052: 0x00000000 0x00001500 0x0000  0x0000
        0053: 0x00000000 0x00001501 0x0000  0x0000
        0054: 0x00000000 0x00001540 0x0000  0x0000
        0055: 0x00000000 0x00001541 0x0000  0x0000
        0056: 0x00000000 0x00001600 0x0000  0x0000
        0057: 0x00000000 0x00001601 0x0000  0x0000
        0058: 0x00000000 0x00001640 0x0000  0x0000
        0059: 0x00000000 0x00001641 0x0000  0x0000
        0060: 0x00000000 0x00001700 0x0000  0x0000
        0061: 0x00000000 0x00001701 0x0000  0x0000
        0062: 0x00000000 0x00001740 0x0000  0x0000
        0063: 0x00000000 0x00001741 0x0000  0x0000

Kod: Zaznacz cały

show debugging 
WCCP packet info debugging is on
WCCP events debugging is on

Kod: Zaznacz cały

Jul 17 07:57:49 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:57:49 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:57:49 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:57:49 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53484
Jul 17 07:57:59 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:57:59 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:57:59 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:57:59 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53485
Jul 17 07:58:09 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:09 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:09 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:09 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53486
Jul 17 07:58:19 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:19 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:19 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:19 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53487
Jul 17 07:58:29 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:29 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:29 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:29 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53488
Jul 17 07:58:39 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:39 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:39 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:39 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53489
Jul 17 07:58:49 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:49 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:49 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:49 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53490
Jul 17 07:58:59 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:58:59 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:58:59 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:58:59 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53491
Jul 17 07:59:09 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:09 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:09 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:09 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53492
Jul 17 07:59:19 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:19 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:19 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:19 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53493
Jul 17 07:59:29 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:29 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:29 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:29 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53494
Jul 17 07:59:39 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:39 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:39 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:39 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53495
Jul 17 07:59:49 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:49 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:49 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:49 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53496
Jul 17 07:59:59 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 07:59:59 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 07:59:59 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 07:59:59 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53497
Jul 17 08:00:09 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:09 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:09 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:09 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53498
Jul 17 08:00:19 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:19 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:19 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:19 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53499
Jul 17 08:00:29 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:29 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:29 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:29 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53500
Jul 17 08:00:39 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:39 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:39 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:39 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53501
Jul 17 08:00:49 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:49 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:49 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:49 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53502
Jul 17 08:00:59 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:00:59 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:00:59 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:00:59 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53503
Jul 17 08:01:09 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:01:09 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:01:09 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:01:09 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53504
Jul 17 08:01:19 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:01:19 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:01:19 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:01:19 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53505
Jul 17 08:01:29 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:01:29 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:01:29 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:01:29 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53506
Jul 17 08:01:39 i: WCCP-EVNT:D90: updating wc orig assign info
Jul 17 08:01:39 i: WCCP-EVNT:D90: reuse wc orig mask info (28 bytes)
Jul 17 08:01:39 i: WCCP-EVNT:D90: wc assignment validated
Jul 17 08:01:39 i: WCCP-PKT:D90: Sending ISY to 10.230.2.43, rcv_id:53507
Ktoś ma jakiś pomysł dlaczego takie zachowanie ma miejsce.
Ja nie widzę niczego co mogło by to powodować ale zakładam, że mam jakieś luki w wiedzy.

Z góry dzięki.

ODPOWIEDZ