Hello, I've been trying to get a transparent squid setup to work with our Cisco Cat 6500 MSFC layer 3 switch, which supports WCCP2 with L2 redirect (not GRE). I can see the traffic reaching the squid box, and using a shorewall redirect rule, it should be reaching squid on port 3128, but I see no evidence of this in squid logs.
tcpdump on the squid box shows this: 14:58:00.929489 IP 10.3.5.23.2565 > 136.1.241.33.80: S 4047376542:4047376542(0) win 65535 <mss 1460,nop,nop,sackOK> 14:58:00.929745 IP 136.1.241.33.80 > 10.3.5.23.2565: S 2225419399:2225419399(0) ack 4047376543 win 5840 <mss 1460,nop,nop,sackOK> 10.3.5.23 is the client using a webbrowser to hit 136.1.241.33, with no proxy set. If I enable proxy to 72.2.0.4:80, squid works correctly, which confirms the redirect for port 80->3128 on the squid box is working. I'd appreciate some ideas on tracking down where this traffic is going. Thanks Shawn Wright I.T. Manager, Shawnigan Lake School http://www.shawnigan.ca
