On Wed, 25 Feb 2004, Valton Hashani wrote: > I have tried using WCCP with Cisco 7200 but I had problems opening SSL > pages. Sometimes it worked sometimes not.
This is most likely not due to WCCP but due to interception of http traffic. WCCP is not at all involved on SSL requests, and neither is any other interception method. Many web sites dislike https:// requests coming from a different address than the http:// requests initiating the session. As https:// is not intercepted but routed like any other traffic the requests arrives with the real client IP address. To get around this you have three options a) NAT the traffic outside the proxy and clients, making sure that both intercepted and normally routed traffic uses the same source IP address. b) Have the clients configured to use the proxy. c) Add access lists to your intercepting routers to not intercept sites where this is a problem. > I tried every possibility (using > different squid directives) to make it work and got various answers from > this mailing list, but I didn't find any stable solution. So I decided to > use policy based routing for tranparent mode. This worked and it is still > working very well. Then something was seriously wrong in your WCCP setup. Regards Henrik
