Table of Contents
Advertisement
WCCP v2 support
34
Finally you must configure interfaces connected to WCCP cache servers to accept wccp
messages.
If virtual domains are enabled, you configure WCCP separately for each virtual domain.
To configure WCCP
You configure WCCP from the CLI.
1 Start WCCP and configure WCCP database settings:
config system wccp
edit <service-id>
set router-id
set server-list <
set group-address <ip_mulicast_ipv4>
set password <password>
set forward-method {GRE | L2 | any}
set return-method {GRE | L2 | any}
set assignment-method {HASH | MASK | any}
next
end
Variable
authentication
{disable | enable}
<service-id>
router-id
<interface_ipv4>
server-list
<server_ipv4mask>
group-address
password
<password_str>
forward-method
{GRE | L2 | any}
return-method {GRE
| L2 | any}
assignment-method
{HASH | MASK | any}
2 Add a firewall policy to enable WCCP for traffic accepted by the firewall policy.
config firewall policy
Edit <policy_id>
(configure the firewall policy)
set wccp {enable | disable}
>
<interface_ipv4
server_ipv4mask>
Description
Enable or disable using use MD5 authentication for the
WCCP configuration.
0-255. 0 for HTTP.
An IP address known to all cache servers. This IP address
identifies a FortiGate interface IP address to the cache
servers. If all cache servers connect to the same FortiGate
interface, <interface_ipv4> can be 0.0.0.0, and the
FortiGate unit uses the IP address of that interface as the
router-id.
If the cache servers can connect to different FortiGate
interfaces, you must set router-id to a single IP address,
and this IP address must be added to the configuration of
the cache servers.
The IP addresses of the cache servers.
The IP multicast address used by the cache servers.
0.0.0.0 means the FortiGate unit ignores multicast WCCP
traffic. Otherwise, group-address must be from
224.0.0.0 to 239.255.255.255.
The MD5 authentication password. Maximum length is 8
characters.
Specifies how the FortiGate unit forwards traffic to cache
servers. If forward-method is any the cache server
determines the forward method.
Specifies how a cache server declines a redirected packet
and return it to the firewall. If return-method is any the
cache server determines the return method.
Specifies which assignment method the FortiGate prefers. If
assignment-method is any the cache server determines
the assignment method
What's new in FortiOS 4.0
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
http://docs.fortinet.com/
Default
1
0.0.0.0
0.0.0.0
0.0.0.0
0.0.0.0
GRE
GRE
HASH
•
Feedback
- Quick Links:
- Introduction
- Ip Addresses
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
