| apsolar@gmail.com 2007-02-13, 7:13 pm |
| Hello,
I am trying to get WCCP working on the ASA for WAAS implementation.
Here is a simple snapshot of my config:
Eth 0/0 : Outside (to internet)
Eth 0/1 : Vlan1 (20.20.0.0/16) (trunk port to remote office LAN)
Eth 0/1.211 : Vlan211 (20.21.10.0/24)
Eth 0/1.212 : Vlan212 (20.21.20.0/24)
Eth 0/1.220 : Vlan220 (20.22.0.0/16)
Eth 0/2 : WAAS (20.21.30.0/24)
I have the site to site tunnel working. I can ping the WAAS device
from the other end of the tunnel but I cannot ping it from the
20.20.0.0/16 network. I have enabled traffic between interfaces on
same security level as WAAS and LAN have same security.
I get this error message:
3 Feb 12 2007 17:54:05 305006 20.20.10.101 portmap translation
creation failed for icmp src WAAS:20.21.30.230 dst LAN:20.20.10.101
(type 8, code 0)
How can I fix this?
My second question is regarding WCCP on ASA. Here is the WCCP part of
the config I have:
wccp 61 redirect-list WCCP_To_LAN
wccp 62 redirect-list WCCP_To_WAN
wccp interface outside 62 redirect in
wccp interface LAN 61 redirect in
access-list WCCP_To_LAN extended permit ip any 20.20.0.0 255.252.0.0
access-list WCCP_To_WAN extended permit ip 20.20.0.0 255.252.0.0 any
I am not seeing any packets being redirected to the WAE. I once
changed the access lists to 'any any' and I saw some packets but I
couldn't ping or telnet to the remote site. Could it be a loop? Is
there any way to exclude traffic to avoid loop?
Thanks
Ankit
|