Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Setting up a Transparent Proxy with a Catalyst 3750 or ASA

Status
Not open for further replies.

Mylon

IS-IT--Management
May 17, 2007
2
CA
Hello We have a catalyst 3750 in our organization. I was wondering if it would be possible to setup a transparent proxy using it.
We do not have a router so this is why I am trying to set it up.
Or could we setup a transparent proxy using a ASA?
we have 2 ASA's so if this is possible. Everywhere I look thought it says the ASA's can't do it.

Any help would be appreciated.

Thanks

Myles Peterson
 
What do you mean by a "transparent proxy" (the word proxy gets used to denote a lot of different functionalities these days)? If you are looking for a web proxy and caching, the ASA and the 3750 don’t support those features. Cisco makes a product called ACNS that performs web proxy and caching (typically what people think of as a proxy) and this products works with third party URL filtering software such as Websence. What is your purpose for using a proxy? Now a day’s proxies aren’t typically needed and web security can be handled in a variety of methods.
 
When you say transparent proxy, I am assuming you mean the use of WCCP to redirect all web user traffic to a Proxy device.

Neither the ASA or the 3750 currently support WCCP. The 3550 switches, Cisco Routers(as you probably already know), Catalyst 4500s and 6500s do support WCCP.

A cisco router is probably your most cost effective way to get the transparent proxy working.
 
Neither the ASA or the 3750 currently support WCCP. The 3550 switches, Cisco Routers(as you probably already know), Catalyst 4500s and 6500s do support WCCP.

The latest IOS for the 3750 (& 3560) has WCCP support (12.2(37)SE).

Andy
 
I'm kinda in the same boat with this one.

We've got a cisco 800 (IOS: 12.4(4)T6) and I don't think I can perform WCCP on it (neither do i particularly want to).

We have a proxy which is also running a webserver. What we'd like to do is rather than specify the proxy address on workstations is to have all port 80 traffic redirected to port 8080 on the proxy.

Setting up remote-map on the cisco has resulted in all port 80 traffic being redirected to the proxy - but on port 80. We'd like to to push through to port 8080, as the proxy is running a webserver on port 80...

Any ideas?
 
Thanks for the help.
We may go the upgrading IOS route or may just make the proxy available to the internet and have users authenticate on it.

 
its looks like the asa now supports wccp ver2 with the release of the 8.0 software.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top