Page 1 SuperStack ® Webcache User Guide SuperStack 3 Webcache 1000 3C16115 SuperStack 3 Webcache 3000 3C16116 SuperStack 3 Web Site Filter 3C16118 http://www.3com.com/ Part No. DUA1611-5AAA04 Published November 2002...
Page 2 All other company and product names may be trademarks of the respective companies with which they are associated. ENVIRONMENTAL STATEMENT It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to: Establishing environmental performance standards that comply with national legislation and regulations.
Page 3: Table Of Contents
Product Registration ETTING TARTED ACHING ONCEPTS AND EPLOYMENT What is the Webcache? The Webcache and 3Com Network Supervisor Before You Begin Network Configuration Concepts IP Addresses IP Address Rules Subnets and Using a Subnet Mask Domain Name System Domain Name System Syntax...
Page 4 WCCP Version 2 Proxy Relay Deployment Proxy Cache Deployment Manual Configuration Proxy Auto Configuration (PAC) Files Web Proxy Auto-Discovery (WPAD) Third-party Tools Inline Cache Deployment Parent Caching How does Parent Caching Work? Parent Caching Network Example ICP Caching NSTALLING THE EBCACHE Package Contents Webcache —...
Page 5 II M ANAGING THE EBCACHE CLI I SING THE NTERFACE Accessing the Command Line Interface Accessing the Command Line Interface Through the Console Port Accessing the Command Line Interface Over the Network Logging In To the Command Line Interface Exiting the Interface Understanding the Command Line Interface Entering Commands Displaying Menus...
Page 6 Performing Password Recovery III C ONFIGURING THE EBCACHE ONFIGURING EPLOYMENT ODES Configuring Transparent Cache Mode Configuring WCCP V1 Configuring WCCP V2 Configuring Proxy Relay with the SuperStack 3 Firewall Configuring Proxy Cache Mode Creating a Proxy Auto-configuration File Using the Webcache as a PAC File Server Configuring the Client Web Browser Configuring Inline Cache Mode Configuring Parent Caching...
Page 7 Understanding Content Filtering Modes 3Com Web Site Filter Registering the Webcache Activating the Web Site Filter Downloading a New Web Site Filter Setting Up the 3Com Web Site Filter Setting Up Filtering Policies Testing a URL Websense Enterprise Filtering Acquiring the Websense Enterprise Filtering Software...
Page 8 Setting Up Web Client Blocking Creating a Web Client Blocking List Saving the Web Client Blocking List Clearing the Web Client Blocking List Filter Exclusions Setting Up Filter Exclusion Lists Editing the Filter Exclusion List Loading Entries From a File into the Filter Exclusion List Saving the New Filter Exclusion List Clearing the Filter Exclusion List Setting Up Allow Lists and Deny Lists...
Page 9 Deleting Scheduled Tasks Checking the Status of Scheduled Tasks Viewing Details of Scheduled Tasks Using the 3Com Web Scheduler Browser Client Configuring the Webcache for the 3Com Web Scheduler Browser Client Installing the 3Com Web Scheduler Browser Client VI M...
Page 10 Viewing I/O Performance Graphs Viewing System Performance Graphs Emailing Performance Graphs Configuring Email Performance Graphs YSTEM IAGNOSTICS System Diagnostics Pinging Other Devices Performing a Ping Tracing IP Addresses Performing a Trace Route System Log Configuring the System Log What is a Syslog Server? Obtaining a Syslog Server Viewing the System Log VII M...
Page 11 VIII C OMMAND NTERFACE OMMAND NTERFACE A Quick Guide to the Commands Getting Started Exiting the Command Line Interface Displaying and Changing WAN and LAN Port Information Configuring the WAN and LAN Ports Displaying WAN and LAN Port Summary Information Displaying and Changing Protocol Information Specifying Basic Network Configuration Specifying Domain Name System Configuration...
Page 12 PC-AT Serial Cable Modem Cable RJ-45 Pin Assignments ECHNICAL PECIFICATIONS ECHNICAL UPPORT Online Technical Services World Wide Web Site 3Com Knowledgebase Web Services 3Com FTP Site Support from Your Network Supplier Support from 3Com Internet Support Telephone Support Returning Products for Repair...
Page 13 EFAULT ETTINGS FOR THE EBCACHE Default Settings Getting Started Wizard Settings EPLACING AND NSTALLING ACHE TORAGE EVICES Replacing a Failed Cache Storage Device Removing the Failed Cache Storage Device Adding a New Cache Storage Device Installing an Additional Cache Storage Device WCCP C ISCO OMMANDS...
Page 14 Drugs/Alcohol Gambling Violence Hate Speech Productivity Categories Astrology and Mysticism Entertainment Games General News Glamour and Intimate Apparel Hobbies Investment Job Search Motor Vehicles Personals and Dating Real Estate Shopping Sports Travel Usenet News ChatBlock...
Page 15 LOSSARY NDEX OFTWARE ICENSE GREEMENT ILTER RODUCT ICENSE GREEMENT GNU G 2, J 1991 ENERAL UBLIC ICENSE ERSION EGULATORY OTICES...
Page 17: About This Guide
Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/...
Page 18: Conventions
BOUT UIDE Conventions Table 1 and Table 2 list conventions that are used throughout this guide. Table 1 Notice Icons Icon Notice Type Description Information note Information that describes important features or instructions Caution Information that alerts you to potential loss of data or potential damage to an application, system, or device Warning Information that alerts you to potential personal injury...
Page 19: Related Documentation
There are other publications you may find useful, such as: Documentation accompanying 3Com Network Supervisor. This is supplied on the CD-ROM that accompanies the Webcache. Documentation accompanying switches capable of Layer 4 redirection...
Page 20: Documentation Comments
3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier. Product You can now register your SuperStack 3 Webcache on the 3Com Web Registration site: http://www.3com.com/register/...
Page 21: Started
ETTING TARTED Chapter 1 Web Caching Concepts and Deployment Chapter 2 Installing the Webcache...
Page 23: Web Caching Concepts And Deployment
This chapter contains information about the concepts of web caching and the ways in which you can deploy the Webcache within your network. It covers the following topics: What is the Webcache? The Webcache and 3Com Network Supervisor Before You Begin Network Configuration Concepts Web Caching Overview...
Page 24: What Is The Webcache
Access Logs show you who has used the Internet and where they have been. The Webcache and The latest version of 3Com Network Supervisor is supplied on the 3Com Network CD-ROM that accompanies the Webcache. 3Com Network Supervisor Supervisor provides powerful, intuitive network management for small to medium enterprise networks.
Page 25: Before You Begin
LAN, it discovers the Webcache automatically and displays it on the topology map. The topology map indicates that the Webcache is a 3Com Webcache and uses a caching icon to represent it. Double-clicking on the caching icon launches the Web interface of the Webcache.
Page 26: Network Configuration Concepts
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT is a grouping of computers with related properties. For example you might group all computers in your company in the domain mycompany.com Example The internet (DNS) name is formed by webcache.mycompany.com combining the Host Name with the DNS domain webcache mycompany.com...
Page 27: Ip Address Rules
Network Configuration Concepts These suggested IP addresses are part of a group of IP addresses that have been set aside specially for use “in house” only. CAUTION: If your network has a connection to the external IP network, you must apply for a registered IP address. This registration system ensures that every IP address used is unique;...
Page 28: Domain Name System
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT The second part identifies the device on that subnet. The bits of the subnet mask are set to 1 if the device is to treat the corresponding bit in the IP address as part of the original network number or as part of the subnet number.
Page 29: Default Router
Network Configuration Concepts The host name must not exceed 63 characters in length. The host name must be comprised of alphanumeric characters, - (hyphens) and _ (underscores). You cannot enter a host name containing a space character. Domain Name The domain name must be at least 1 character long. Each character string can only be comprised of alphanumeric characters, (hyphens) and...
Page 30: Web Caching Overview
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT This hop-by-hop process continues until the IP packets reach the remote destination. The default router should be a device that is closer than the Webcache to the WAN link in your network, which the Webcache can send Web requests to in order to retrieve Web objects from the Internet.
Page 31 Web Caching Overview between the client machines and the origin Web servers. The Webcache then intercepts and serves requests from the client machines for Web content in the following way: 1 A URL is entered into a Web browser by a user on a client machine in your network.
Page 32: Current And Expired Content
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Current and Expired Content stored in the cache can either be current (also known as fresh) or Content expired (also known as stale). If it is current, the content is up to date and the Webcache serves it to the client machine as a cache hit.
Page 33 Transparent caching solution. Therefore the Web browser on each client machine does not have to be configured. 3Com recommends that you deploy your Webcache on the LAN side of a firewall, or on the SuperStack 3 Firewall's DMZ port as described in “Proxy Relay Deployment”...
Page 34 1: W HAPTER ACHING ONCEPTS AND EPLOYMENT There are various configuration solutions for Transparent and Proxy caching which are summarized in Table Table 3 Summary of Deployment Modes Transparent caching Transparent Cache An overview of the Transparent cache deployment mode. page 36 Deployment Layer 4 redirecting switch.
Page 35: Choosing A Deployment Mode
Choosing a Deployment Mode Choosing a The flow chart shown in Figure 4 is a guide to choosing the most suitable Deployment Mode deployment mode for the Webcache in your network. Figure 4 Choosing a Deployment Mode...
Page 36: Transparent Cache Deployment
112. Figure 5 Transparent Cache Deployment Suitable 3Com Layer 4 redirection devices include switches and the SuperStack 3 Server Load Balancer (refer to the documentation supplied with your switch to find out if it is capable of Layer 4 redirection).
Page 37: Deploying The Superstack 3 Switch 4400, 4924 Or 4950 With The Webcache
Transparent Cache Deployment Advantages You do not have to configure the Web browser on each client machine that you want to access the Webcache. Deployment of the Webcache within your network is therefore easier to achieve and manage because you only need to configure the Layer 4 Redirection device and the Webcache itself.
Page 38 1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Deploying the The following example describes how to install the SuperStack 3 Switch SuperStack 3 Switch 4400, Switch 4924 or Switch 4950 as a Layer 4 Redirection device. The 4400, 4924 or 4950 network layout is shown in Figure 6 below.
Page 39 Transparent Cache Deployment Important Considerations for the Switch 4400 This section contains some important considerations when deploying the Webcache with the Switch 4400 (3C17203, 3C17204). The Switch 4400 supports the SuperStack 3 Webcache 1000/3000. The Switch 4400 unit must have software version 2.02 or later installed.
Page 40 1: W HAPTER ACHING ONCEPTS AND EPLOYMENT The Webcache does not have to be directly connected to the Switch 4924 or 4950 - there can be intervening Layer 2 Switches or Hubs. The Switch 4924 or 4950 can only support one Webcache for a single unit.
Page 41: Web Cache Communication Protocol (Wccp)
Transparent Cache Deployment Figure 7 Deploying the Webcache and Server Load Balancer Together The Webcache is directly connected to a SuperStack 3 Server Load Balancer via the LAN port to improve the scaling and performance of a group of web servers. The Server Load Balancer partitions network traffic between a group of Web servers offering services to client machines.
Page 42 Configure Webcache redirection on the WAN side interfaces of the Cisco router, rather than on the LAN side interfaces of the router. 3Com recommends that you use WCCP V2 rather than WCCP V1 if possible. You can find further information about the Web Cache Communication Protocol at: http://www.cisco.com/warp/public/732/wccp/index.html...
Page 43: Wccp Version 2
Transparent Cache Deployment WCCP Version 1 Figure 8 WCCP Version 1 Deployment WCCP V1 allows a single WCCP-enabled Cisco router to operate with multiple Webcaches in your network. You need to specify the IP address of the router in the Web interface of each Webcache. For further information, see “Configuring WCCP V1”...
Page 44: Proxy Relay Deployment
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT WCCP V2 supports multiple WCCP-enabled Cisco routers operating with multiple Webcaches in a service group. Any of the available routers in the service group can redirect Web requests to any of the available Webcaches, improving performance and redundancy within your network.
Page 45: Proxy Cache Deployment
Proxy Cache Deployment Figure 10 Deploying the Firewall and Webcache Together Advantages You do not have to configure the Web browser on each client machine that you want to access the Webcache because all Web requests are automatically redirected by the Firewall. Disadvantages You have to add a Firewall to your network if it is not already available.
Page 46 1: W HAPTER ACHING ONCEPTS AND EPLOYMENT For further information, see “Configuring Proxy Cache Mode” page 115. Figure 11 Proxy Cache Deployment Advantages You do not have to add new devices to your network. The Webcache can be integrated into any network environment. You can use a PAC file to load balance Web requests from client machines between up to four Webcaches to achieve higher performance and resiliency.
Page 47: Manual Configuration
Proxy Cache Deployment Webcache fails, Web requests will automatically be sent to the other available Webcaches. For further information, see Figure 12 page Proxy Cache Solutions You can deploy the Webcache using the following Proxy Cache solutions: Manual Configuration Proxy Auto Configuration (PAC) Files Web Proxy Auto-Discovery (WPAD) Third-party Tools Migrating from Proxy Cache to Transparent Cache Mode...
Page 48: Proxy Auto Configuration (Pac) Files
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT 8 Click OK. To manually configure Netscape Navigator 4.5 or 6: 1 Open Netscape Navigator. 2 From the Edit menu, click Preferences. 3 Click the Advanced category and click Proxies. 4 Select Manual Proxy Configuration. 5 Click View.
Page 49: Web Proxy Auto-Discovery (Wpad)
Proxy Cache Deployment Figure 12 Proxy Cache Deployment with PAC File Load Balancing Web Proxy The Webcache and Microsoft Internet Explorer 5 (and later versions) Auto-Discovery support the Web Proxy Auto-Discovery (WPAD) protocol. This protocol (WPAD) enables the Web browser on client machines to automatically find and load proxy configuration information (stored in a PAC file) without user intervention.
Page 50 WPAD server answering the domain name or reaches the third-level domain. For example, Web browsers on client machines in the domain would query a.b.3Com.com wpad.a.b.3Com wpad.b.3Com.com and then .
Page 51 Proxy Cache Deployment You need to add the WPAD functionality to your DHCP server using DHCP Manager. For further information, view the Microsoft Knowledge Base at: http://search.support.microsoft.com/kb/c.asp (correct at time of publishing) and search for the article ID number Q252898 Configuring Internet Explorer to Use WPAD To configure Internet Explorer to use WPAD: 1 Open Internet Explorer.
Page 52: Third-Party Tools
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT http://www.ietf.org/internet-drafts/draft-cooper-webi-wpad-0 0.txt (correct at time of publishing) Third-party Tools There are applications from many vendors that can help you to manage networks of client machines. Microsoft offers the Internet Explorer Administration Kit and Systems Management Server, which allow you to remotely configure Web browsers and Proxy Cache settings.
Page 53: Parent Caching
TCP port number that you configure for the parent Webcache to send its requests. Any compliant HTTP proxy cache can be used as a parent Webcache. The parent Webcache does not have to be a 3Com SuperStack 3 Webcache.
Page 54: How Does Parent Caching Work
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT You can configure a child Webcache to forward requests to up to four parent Webcaches. If one of the parent Webcaches does not have the requested content or is unavailable, the child Webcache will automatically try the next specified parent Webcache.
Page 55: Parent Caching Network Example
Parent Caching Figure 14 Parent Caching 5 If the content is not in the parent Webcache, it is retrieved from either the origin server or another parent Webcache. The content is then cached by the parent Webcache and simultaneously served to the client machine and stored in the child Webcache.
Page 56: Icp Caching
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Accidental Webcache Hierarchies An accidental Webcache hierarchy automatically exists in the networking example shown in Figure 15 if the parent Webcache is configured in either Transparent cache, Inline cache or WCCP mode. In each of these deployment modes Web requests are transparently intercepted by a device in your network and redirected to the Webcache.
Page 57 Consequently caching latency may go up as UDP messages are lost and unnecessary cache misses occur. 3Com recommends that you use Parent Caching in preference to ICP Caching unless you have an existing network of ICP Caches that you wish...
Page 58 1: W HAPTER ACHING ONCEPTS AND EPLOYMENT...
Page 59: Installing The
NSTALLING THE EBCACHE This chapter contains the information you need to install and set up the Webcache 1000/3000. It covers the following topics: Package Contents Webcache — Front View Detail Webcache — Rear View Detail Choosing a Suitable Site The Power-up Sequence Deploying the Webcache in Your Network Setting Up the Webcache for Management Connecting the Webcache to the Live Network...
Page 60: Package Contents
2: I HAPTER NSTALLING THE EBCACHE Package Contents Webcache 1000 (3C16115) or Webcache 3000 (3C16116) CD-ROM Documentation User Guide (this guide) Release Notes Warranty Information Sheet Power Cord Rack-Mounting Kit containing: 2 x Rack Mounting Rails 2 x Rack Mounting Brackets 2 x Adjustable Brackets 2 x Front Plates 16 x Screws...
Page 61: Webcache - Front View Detail
Webcache — Front View Detail Webcache — Front Figure 16 Webcache — Front View View Detail Activity LED Cache Storage Link Status Power/Self Status LED(s) LED(s) test LED Webcache 3000 Activity Activity Power/Self test green = ok green = 100 Mbps Cache Storage Status Link Status yellow = failed...
Page 62: Webcache - Rear View Detail
If the Webcache experiences an unrecoverable error during initialization the Power/Self Test LED flashes Green. Take a note of the color and status of each LED on the front before you contact 3Com technical support for assistance. Webcache — Rear Figure 17 Webcache —...
Page 63: Power Socket
Webcache — Rear View Detail connect the unit to a traditional PBX or public telephone network. Only connect RJ-45 data connectors, Switches or Routers to these sockets. Either shielded or unshielded data cables with shielded or unshielded jacks can be connected to these data sockets. Power Socket The Webcache automatically adjusts its power setting to any supply voltage in the range 90-240 VAC.
Page 64: Wan And Lan Port Leds
2: I HAPTER NSTALLING THE EBCACHE If Auto-Negotiation is disabled, you can configure: Link Speed — You can set this to 100 Mbps or 10 Mbps. Duplex State — You can set this to Full Duplex or Half Duplex. You cannot enable or disable the WAN or LAN port itself. The port can safely be left disconnected if it is not being used.
Page 65: Choosing A Suitable Site
The Webcache is accessible and cables can be connected easily. Water or moisture cannot enter the case of the Webcache. Air-flow is not restricted around the Webcache. 3Com recommends that you provide a minimum of 25 mm (1 in.) clearance.
Page 66 2: I HAPTER NSTALLING THE EBCACHE You must use the rack-mounting rails and screws supplied with the Webcache. Damage caused to the Webcache by using incorrect rails and screws invalidates your warranty. A Rack-Mounting Kit is supplied with the Webcache which contains the items shown in Figure 19.
Page 67 Rack-Mounting the Webcache To rack-mount your Webcache: 1 Place the Webcache the right way up on a hard flat surface, with the front facing towards you. The rack-mounting brackets are attached to each side of the Webcache, as shown in Figure Figure 20 Rack-Mounting Bracket Attached to the Webcache 2 Slide the rack-mounting rails off the rack-mounting brackets on both...
Page 68 2: I HAPTER NSTALLING THE EBCACHE Figure 21 Fitting a Rack-Mounting Rail to the Rear of the Rack 4 Attach the rack-mounting rail to the front of the rack. To do this: a Insert two screws through aligned openings in the front plate, rack and rack-mounting rail as shown in Figure b Tighten the screws with a suitable screwdriver.
Page 69: The Power-Up Sequence
The Power-up Sequence Figure 23 Attaching the Webcache to the Rack 7 Ensure that the ventilation holes in the Webcache are not obstructed. The Power-up The following sections describe how to get your Webcache powered-up Sequence and ready for operation. Powering-up the Use the following sequence of steps to power-up the Webcache: Webcache...
Page 70: Deploying The Webcache In Your Network
For further information about each deployment mode, see “Deployment Modes Overview” page CAUTION: 3Com recommends you set up the Webcache for management in a test network environment before you introduce it into your live network. For further information, see “Setting Up the Webcache for Management”...
Page 71: Setting Up The Webcache For Management
Setting Up the Webcache for Management Setting Up the You can quickly set up the Webcache for management in two ways: Webcache for Setting Up Using the Web Interface — Connect a management Management workstation to the Webcache over an IP test network or directly via a cross-over cable.
Page 72 Netscape Communicator v4.5 Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 3Com recommends that you use a later version of Internet Explorer than version 5.0. ™ For the browser to operate the Web interface correctly JavaScript Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default.
Page 73 Setting Up the Webcache for Management Also the Web interface has been optimized for PC screens with the desktop area set to 800 by 600 pixels. 3Com recommends that you set the font size to Small Fonts. 2 In the Location/Address field of the browser, enter the URL of the Webcache.
Page 74: Setting Up Using The Command Line Interface
2: I HAPTER NSTALLING THE EBCACHE Webcache to your live network. For further information, see “Getting Started Wizard Settings” page 309. Setting Up Using the You can setup the Webcache for management via the Command Line Command Line Interface by running a Telnet session on a management workstation that Interface is connected to the Webcache over your test network, or locally via a console port connection.
Page 75 Setting Up the Webcache for Management For further information, see “Webcache — Rear View Detail” page Figure 28 Setting Up Through the Console Port To connect to the Webcache via the console port: 1 You must connect a terminal or terminal emulator to the console port on the rear panel of the Webcache.
Page 76: Connecting The Webcache To The Live Network
Webcache to your live network. In particular, ensure that the IP settings of the Webcache fit into those of your network. Choosing the Correct 3Com recommends that you use Category 5 cable to connect the LAN Cables port to your network — the maximum segment length for this type of...
Page 77: Connecting The Webcache
Additional Web content can be stored on the Webcache, increasing the chances of a cache hit. You need to purchase a hard drive approved by 3Com and insert it into the mounting tray in the third bay of the Webcache. A list of approved hard drives can be found at: htpp://www.3com.com/sswebcache...
Page 78 2: I HAPTER NSTALLING THE EBCACHE...
Page 79 ANAGING THE EBCACHE Chapter 3 Using the CLI Interface Chapter 4 Using the Web Interface Chapter 5 Securing Access to the Webcache Management Interfaces...
Page 81 CLI I SING THE NTERFACE This chapter contains information about managing the Webcache using the management software that resides on the Webcache. Managing the Webcache can help you to improve the efficiency of the Webcache and therefore the overall performance of your network. It allows you to make full use of the features offered by the Webcache, and to change and monitor the way it works.
Page 82: Accessing The Command Line Interface
3: U CLI I HAPTER SING THE NTERFACE Accessing the You can access the Command Line Interface using: Command Line A terminal or terminal emulator connected to the console port of the Interface Webcache directly, or through a modem. A terminal or terminal emulator connected to the Webcache over an IP network using Telnet.
Page 83: Accessing The Command Line Interface Over The Network Logging In To The Command Line Interface
“Logging in as a Default User” page To prevent unauthorized configuration of the Webcache, 3Com recommends that you change the default password as soon as possible. To do this using the Command Line Interface, you need to log in as the default user and then follow the steps described in “Changing the Admin...
Page 84: Exiting The Interface
3: U CLI I HAPTER SING THE NTERFACE If you have logged on correctly, the Top-level menu of the Command Line Interface is displayed as described in “Understanding the Command Line Interface” page 84. If you have not logged on correctly, the message is displayed and the login sequence starts again.
Page 85 Understanding the Command Line Interface From the Top-level menu, you can access these sub-menus: GettingStarted command This command allows you to specify basic configuration settings for the Webcache. Logout command This command allows you to logout of the Command Line Interface. PhysicalInterface Menu This menu contains commands that allow you to view and change the physical setup of the WAN and LAN ports on the Webcache.
Page 86: Displaying Menus
3: U CLI I HAPTER SING THE NTERFACE To enter commands that require values: Append the values to the name of the command. For example, to display the security menu and change your password, enter: security password <password> If you do not specify values for a command that requires them, you are prompted to enter the values.
Page 87 SING THE NTERFACE This chapter contains information about managing the Webcache using the management software that resides on the Webcache. Managing the Webcache can help you to improve the efficiency of the Webcache and therefore the overall performance of your network. It allows you to make full use of the features offered by the Webcache, and to change and monitor the way it works.
Page 88: Management Software Interfaces
“Command Line Interface” chapter on page 251. Even if you do not intend to actively manage the Webcache, 3Com recommends that you change the default password to prevent unauthorized access to your Webcache. See Chapter 5 for further information.
Page 89: Accessing The Web Interface
Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 If you use Internet Explorer, 3Com recommends that you use version 5.0 or later. For the browser to operate the Web interface correctly Javascript and Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default.
Page 90 4: U HAPTER SING THE NTERFACE Figure 30 User Name and Password Screen If the user name and password screen is not displayed, see “Solving Web Interface Problems” page 277. 4 Enter your user name and password. For further information, see “Logging in as a Default User”...
Page 91: Understanding The Web Interface
The Web interface is made up of four areas: The Banner This is always displayed at the top of the browser window. It displays the 3Com logo and SuperStack logo. The Toolbar This is always displayed at the top of the browser window, underneath the Banner.
Page 92: The Toolbar
4: U HAPTER SING THE NTERFACE The Toolbar The Toolbar is always displayed at the top of the browser window, underneath the Banner. It contains six buttons which allow you to select different views. Click on a toolbar item to see the corresponding view: Summary —...
Page 93 Weekly Caching Performance Graphs. See Chapter Help — This view allows you to access the Online Help system for the Webcache, additional information from the 3Com Web site and provides specification guidelines for running the Web interface. The following will be displayed (See “The Help View”...
Page 94: The Navigation Tree
4: U HAPTER SING THE NTERFACE The Navigation Tree The Navigation Tree is always displayed on the left side of the browser window. It is a Windows Explorer-like interface that contains various icons which allow you to manage your Webcache. Figure 32 The Summary View Navigation Tree By default, when you open the Web interface, the Summary View is selected and the Navigation Tree is fully collapsed with only the top-level...
Page 95 The Navigation Tree The following table shows the various Navigation Tree symbols and their associated behavior: Symbol Behavior Indicates that the next level of the Navigation Tree hierarchy is currently expanded. Click the symbol to collapse the next level. This only affects the Navigation Tree — no changes are made to the Information Area.
Page 96: The Information Area
4: U HAPTER SING THE NTERFACE The Information The Information Area is always displayed on the right side of the browser Area window. It contains information about the managed Webcache. The information displayed depends on the view you select in the Toolbar: If the Summary View is currently selected, a table is displayed which shows summary information for the Webcache.
Page 97 The Information Area The device mimic is a virtual, interactive representation of the front and rear panels and the current status of the Webcache. All of the ports on the Webcache are shown. The device mimic is periodically updated to reflect changes in the Webcache.
Page 98 4: U HAPTER SING THE NTERFACE Click this to refresh the device mimic now. Mimic Help Click this for an explanation of the symbols and colors on the device mimic's ports and caching devices. The following table shows the various device mimic symbols and their associated behavior: Figure 35 Device Mimic Symbols Symbol...
Page 99: The Status Tables
“Automatic cache storage device has failed; for further information, see System Events” page 214 You should remove the failed cache storage device and return it to 3Com “Replacing a Failed Cache for replacement. For further information, see Storage Device” page 314...
Page 100: The Performance View
The Content Filtering Summary table shows the Filtering Mode currently employed, the status of the filter licence, the status of the 3Com Filter download and the time of the last successful download. The features shown depends on the type of filtering system used. The Websense Enterprise Filtering Mode will show different information to that of Manual Filtering or 3Com Web Site Filtering.
Page 101 Click Disk Failure to open a 3Com Knowledge Base article which informs you how to return a failed Cache Storage Device to 3Com. Click Home Page to display the Home page of the 3Com Web site in a new browser window.
Page 102 4: U HAPTER SING THE NTERFACE...
Page 103 ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES This chapter contains information about ensuring that the Webcache is secure. It covers the following topics: Passwords Management Interface Setup Password Recovery...
Page 104: Passwords
“Logging in as a Default User” page CAUTION: To prevent unauthorized access and configuration of the Webcache, 3Com recommends that you set a password for the admin username as soon as possible. Setting Passwords To set the password using the Web interface, you need to login as the admin user, click Device on the toolbar and select Security >...
Page 105: Management Interface Setup
Management Interface Setup Management There are two methods of restricting the visibility of the Webcache’s Web Interface Setup Interface. Both methods are configured from the Setup Management screen. To access the Setup Management screen: 1 Log in to the Web interface. 2 Click Device on the Toolbar.
Page 106 5: S HAPTER ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES You can restrict management of the Webcache by entering IP addresses that are allowed access at the Access restricted to the following IP Addresses: prompt. Enter a comma-separated list of IP addresses, an IP range or a combination of both.
Page 107: Performing Password Recovery
Webcache and reinserting it. 3Com recommends that you access the CLI in this instance by connecting a standard null-modem cable to the console port on the Webcache. Remove the power cord and then reinsert it to reboot the Webcache before the password recovery mode resets.
Page 108 5: S HAPTER ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES 4 Enter to leave password recovery enabled, or enter enable disable turn it off. You are now logged in as the default admin user.
Page 109 ONFIGURING THE EBCACHE Chapter 6 Configuring Deployment Modes Chapter 7 Static Routes Chapter 8 System Time...
Page 111 ONFIGURING EPLOYMENT ODES This chapter contains information about how to configure the various deployment modes of the Webcache: Configuring Transparent Cache Mode Configuring WCCP V1 Configuring WCCP V2 Configuring Proxy Relay with the SuperStack 3 Firewall Configuring Proxy Cache Mode Creating a Proxy Auto-configuration File Configuring Inline Cache Mode Configuring Parent Caching...
Page 112: Configuring Transparent Cache Mode
6: C HAPTER ONFIGURING EPLOYMENT ODES Configuring To configure Transparent Cache mode using the Web interface: Transparent Cache Mode 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Set Caching Mode. The Set the Webcache Deployment Mode screen is displayed.
Page 113: Configuring Wccp V2
Configuring WCCP V2 If the Webcache is deployed in WCCP mode, you must use port 8081 to access the Webcache’s Web interface e.g. http://192.168.1.253:8081. If you use port 80, you may experience problems accessing the Web interface. For further information, see “WCCP Version 1”...
Page 114 6: C HAPTER ONFIGURING EPLOYMENT ODES 11 Enter the authentication password used by the routers in the Password field. Enter it again in the Confirm field. The password must be 8 characters or less and is case-sensitive. Click Next. 12 The Finish screen is displayed. Carefully read the summary information, which displays the WCCP version, Router IP Addresses or Multicast Address and whether WCCP Password Authentication is enabled or disabled.
Page 115: Creating A Proxy Auto-Configuration File
Enable Web Site Blocking on the Webcache in preference to the Firewall, as the Webcache has more advanced filtering abilities and is able to use the 3Com Web Site Filter (3C16118) if installed. 2 Install the Firewall according to the SuperStack 3 Firewall User Guide (DUA1611-0AAA0x) taking into account any safety information.
Page 116: Using The Webcache As A Pac File Server
6: C HAPTER ONFIGURING EPLOYMENT ODES Select the protocols that the Web browsers on client machines should direct to the Webcache Bypass the Webcache for plain host names Distribute Web requests from client machines between up to four Webcaches to achieve higher performance and resiliency For further information, see “Proxy Auto Configuration (PAC) Files”...
Page 117: Configuring The Client Web Browser
Creating a Proxy Auto-configuration File If you wish to use the PAC file on a network server, click Save. The File Download screen is displayed. Select Save this file to disk and enter a filename and location to save the file to. Configuring the You must next set the Web browser to read the PAC file for its settings.
Page 118: Configuring Inline Cache Mode
6: C HAPTER ONFIGURING EPLOYMENT ODES Configuring Inline To configure Inline Cache mode using the Web interface: Cache Mode 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Set Caching Mode. The Set the Webcache Deployment Mode screen is displayed.
Page 119: Configuring Parent Caching
Configuring Parent Caching Configuring Parent To enable and configure Parent Caching using the Web interface: Caching 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Parent Caches > Setup Parent Caches in the Navigation Tree. 4 Check Enable Parent Proxy Caches.
Page 120 6: C HAPTER ONFIGURING EPLOYMENT ODES 3 Select Parent Caches > Edit Exclude List in the Navigation Tree. 4 In the Enter the Domain Name, IP Address or IP Address Range field, enter the domain name, IP address or IP address range to add to the list and click Add.
Page 121: Saving The Parent Cache Exclusion List
Configuring Parent Caching You should choose to merge with the current list if you have a partial list of entries in an external file that you want to add to the list on the Webcache. 6 Select Load to load the new list. Loading a list may take a few seconds to complete, depending on the number of entries being loaded.
Page 122: Clearing The Parent Cache Exclusion List
6: C HAPTER ONFIGURING EPLOYMENT ODES Saving a list may take a few seconds to complete, depending on the number of entries being loaded. Clearing the Parent You can use the Clear Exclude List screen to delete all the current entries Cache Exclusion List in the Parent Cache Exclusion List.
Page 123: Configuring Icp Caching
3Com recommends that you use Parent Caching in preference to ICP Caching unless you have an existing network of ICP caches that you wish to maintain.
Page 124: Adding Icp Peers
6: C HAPTER ONFIGURING EPLOYMENT ODES The standard ICP port number is 3130 and should not be changed unless the Webcache is being used in conjunction with other devices that require a different port number. 7 Set ICP Query Timeout (seconds) to the length of time you want to Webcache to wait for a response.
Page 125: Deleting Icp Peers
Configuring ICP Caching Deleting ICP Peers To delete ICP peers: 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select ICP Control > Edit ICP Peers in the Navigation Tree. 4 Select the peer that you want to delete form the table at the bottom of the window.
Page 126 6: C HAPTER ONFIGURING EPLOYMENT ODES...
Page 127 TATIC OUTES This chapter contains information about the concepts of static routing and how to configure static routes on the Webcache. It covers the following topics: What are Static Routes? Static Routes Example Advantages of Static Routes Configuring Static Routes...
Page 128: What Are Static Routes
7: S HAPTER TATIC OUTES What are Static Routes to remote networks are typically obtained dynamically through Routes? routing protocols. However, you can also choose to provide routes manually. These routes are referred to as Static Routes. A static route is associated with an interface that represents the remote network.
Page 129: Advantages Of Static Routes
Configuring Static Routes The solution in this scenario is to enter a static route on the Webcache to use a LAN-side router for all requests destined for the LAN-side server. When the Webcache processes the cache miss, instead of passing the packet to the default router, it sends it to the LAN-side router which has direct connectivity to the LAN-side server.
Page 130 7: S HAPTER TATIC OUTES 5 Enter the subnet mask of the network that you are creating a static route for in the Subnet Mask field. 6 Enter the IP address of the router for the static route in the Gateway field. 7 Select the Add button to create the static route.
Page 131 YSTEM This chapter explains how to configure the system time of the Webcache. It contains the following topics: Configuring the System Time Network Time Protocol Configuring the System Time Using the Network Time Protocol Configuring the System Time Manually System Time and Performance Graphs...
Page 132: Configuring The System Time
Configuring the System Time Manually — for further information, see page 134. 3Com recommends that you use the Network Time Protocol to configure the system time of the Webcache. Network Time The Network Time Protocol (NTP) is used to synchronize the time of client...
Page 133 (correct at time of publishing) 3Com recommends that if your network has an internal NTP server, you should use this rather than a public stratum server. If not, you should use the lowest stratum public NTP server available to you.
Page 134: Configuring The System Time Using The Network Time Protocol Configuring The System Time Manually
8: S HAPTER YSTEM Configuring the To configure the system time of the Webcache using the Network Time System Time Using Protocol, you must enter the following information in the Getting Started the Network Time wizard or Time Configuration command in the Web interface: Protocol 1 Select a timezone from the options in the Timezone drop-down list.
Page 135: System Time And Performance Graphs
System Time and Performance Graphs System Time and When the system time of the Webcache is set manually, all of the current Performance Performance Graphs are reset and all previous graph history is lost. You Graphs should therefore only change the system time when it is absolutely necessary.
Page 136 8: S HAPTER YSTEM...
Page 137 ONTROLLING AND ONITORING CCESS Chapter 9 Monitoring Web Access Chapter 10 Using Content Filtering...
Page 139 ONITORING CCESS This chapter contains information about controlling and monitoring the access of the users of your network through the Webcache to the Internet. It covers the following topics: Access Logging Filter Logging Storing the Log Files Viewing the Access Log Analyzing the Access Log Viewing the Filter Log...
Page 140: Access Logging
9: M HAPTER ONITORING CCESS Access Logging Access Logging allows you to track which client machines have accessed which Web sites through the Webcache. You can configure the Webcache to log all Web accesses. Access Logging and the Squid access log format are enabled by default but if you want to change the log format do the following: 1 Log in to the Web interface.
Page 141 Storing the Log Files request filtered, by combining the FTP logs. By default, the saved access logs are based on the standard Squid access log format and can be analyzed using off-the-shelf log analysis tools. When the logs are offloaded both the Access Log and the Filter Log will be saved.
Page 142: Viewing The Access Log
3Com recommends that you select the Webtrends Extended Log Format (WELF) option and use Webtrends Log Analyzer or WebTrends Firewall Suite to analyze the access logs that the Webcache produces: http://www.webtrends.com...
Page 143: Viewing The Filter Log
Viewing the Filter Log Calamaris is a free open source tool available from the following URL: http://calamaris.cord.de (correct at time of publication) All three Netscape format log files can be analyzed by Netscape’s program Flexanlg, which is distributed with Netscape Web and Proxy Servers beginning with version 2.0.
Page 144 9: M HAPTER ONITORING CCESS...
Page 145 ILTERING This chapter explains how to use the Webcache to control and monitor access to the Internet from your network. It covers the following topics: Introducing Content Filtering 3Com Web Site Filter Websense Enterprise Filtering Manual Content Filtering Default Rule...
Page 146: Introducing Content Filtering
Improved network performance. The list of sites used to allow or deny access can be automatically loaded using the 3Com SuperStack Web Site Filter and entered by hand using the Allow and Deny lists of the Webcache. Alternatively control for filtering Web sites can be passed to an external server which incorporates a Websense Enterprise filter.
Page 147: Com Web Site Filter
When you configure your Webcache to use Manual Filtering or the 3Com Web Site Filtering service, the Websense Enterprise filtering commands on the Webcache are disabled.
Page 148 Default Rule. 6 3Com Web Site Filter — The Webcache compares the Web site against all the sites in the categories that are in the currently active Filter Policy. See below for setup and configuration information and “Setting Up...
Page 149: Registering The Webcache
To extend the use of the 3Com Web Site Filter you need to purchase Web Site Filter licenses from your 3Com reseller. 3Com will send you an email when your Web Site Filter license is about to expire. If your Web Site Filter license does expire, the 3Com Web Site Filter will continue to operate using the most recently downloaded list for 30 days.
Page 150: Downloading A New Web Site Filter
You can also set up the Webcache to automatically download the latest Web Site Filter from the 3Com Web Site at a specified time. To download the Web Site Filter: 1 Log in to the Web interface.
Page 151: Setting Up The 3Com Web Site Filter
10 Click Next. 11 Select the default rule to be applied to all web requests if the 3Com Web Site Filter service is not available or has expired. Choose Deny All to deny access to all Web sites or Allow All to allow access to all Web sites.
Page 152: Setting Up Filtering Policies
1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Category Sets in the Navigation Tree. 4 To add a Category Set, enter the name in the Category Set Name field, then select Add.
Page 153 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Policy Schedule in the Navigation Tree. 4 Click Add, to add a policy to the Policy Schedule.
Page 154: Testing A Url
1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Test a URL in the Navigation Tree. 4 Enter the URL that you want to test.
Page 155: Websense Enterprise Filtering
Webcache receives. Websense Enterprise then decides whether to allow or deny the request. When you configure your Webcache to use Websense Enterprise filtering, the Manual Filtering and the 3Com Web Site Filtering commands on the Webcache will be disabled. When a client computer attempts to access a Web site, the Webcache applies the following rules in the order listed: 1 Web Client Blocking —...
Page 156 10: U HAPTER SING ONTENT ILTERING select the Universal option. For further information, see the instructions that accompany the Websense Enterprise software. Setting Up Websense Having acquired and installed the Websense Enterprise filtering software Enterprise Filtering on your server, you can now set up your Webcache for Websense on your Webcache filtering.
Page 157 Web sites to which you want to either allow or deny access. When you configure your Webcache to use Manual Filtering or the 3Com Web Site Filtering service, the Websense Enterprise filtering commands on the Webcache are disabled.
Page 158: Setting Up Manual Content Filtering
10: U HAPTER SING ONTENT ILTERING It is important to use caution when adding keywords to the list as you may filter sites other than you intend. For example, blocking the word breast may filter sites on breast cancer as well as objectionable or pornographic sites.
Page 159: Default Rule
Default Rule The Default Rule is the last filter used if Manual Filtering has been selected and the rule that is applied if the 3Com Web Site Filter has expired or if the Websense Enterprise server fails to respond. The Default Rule can take one of two values: Allow All —...
Page 160: Blocking And Logging Behavior
The Webcache will only log and block in the 3Com Web Filter and Manual modes. If you are using Websense Enterprise filtering refer to the documentation supplied with Websense Enterprise for an equivalent function.
Page 161: Storing The Filter Log
Web Client Blocking 7 Click Next and then Finish to close the Setup Filtering Wizard. Storing the Filter Log You can specify an FTP server to which you want to periodically save the log files. If this option is enabled, the logs are offloaded to the FTP server whenever any log reaches 250 MB in size, or every 24 hours, whichever comes first.
Page 162: Setting Up Web Client Blocking
10: U HAPTER SING ONTENT ILTERING Using a browser on a client machine whose IP address is not blocked by Web Client Blocking to access the Web Interface. All client machines that you specify in the Cache Bypass screen will not be prevented by the Webcache from accessing the Web.
Page 163: Creating A Web Client Blocking List
Web Client Blocking Allow all except — to allow all clients to access the Web except for those you specifically block. 6 Click OK. Creating a Web Client You can create a list of the IP addresses or IP address ranges of the client Blocking List machines for which you want to change the default Web Client Blocking behavior:...
Page 164 10: U HAPTER SING ONTENT ILTERING 5 If you want to remove an entry from the list, click on an entry in the list and click Remove. To delete all entries at once, click Remove All. Example If you select Deny all except when you set up Web Client Blocking (see “Setting Up Web Client Blocking”...
Page 165: Saving The Web Client Blocking List
Web Client Blocking 6 Select Load to load the new list. Loading a list may take a few seconds to complete, depending on the number of entries being loaded. List Rules There are certain rules that you must follow when loading a list of Web clients into the Web Client Blocking List.
Page 166: Clearing The Web Client Blocking List
Filter Exclusions allow you to specify and exclude particular client machines from any content filtering. The Exclusion List can be enabled when you set up the Webcache for Manual Content Filtering or 3Com Web Site Filtering. One use of the Filter Exclusion List is to exclude machines used by network administrators who must be exempt from content filtering.
Page 167 Filter Exclusions To add a client to the Filter Exclusion List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > Filter Exclusion > Edit List in the Navigation Tree. 4 Enter the IP address or IP address range of the clients who you want to add to the Filter Exclusion List and click Add.
Page 168 10: U HAPTER SING ONTENT ILTERING You should choose to replace the current list if you have a complete list of entries in an external file that you want to use to overwrite the list on the Webcache. You should choose to merge with the current list if you have a partial list of entries in an external file that you want to add to the list on the Webcache.
Page 169: Clearing The Filter Exclusion List
Allow Lists and ranges of Web sites that you want to either allow or deny access to when Deny Lists you select the Manual Content Filtering or 3Com Web Site Filtering modes. To set up Allow/Deny lists using the Web interface: 1 Log in to the Web interface.
Page 170 10: U HAPTER SING ONTENT ILTERING Manually Entering a Web Site into the Allow List To manually enter a Web site into the Allow List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > Allow/Deny Lists > Edit Allow List in the Navigation Tree.
Page 171 Setting Up Allow Lists and Deny Lists Manually Entering a Web Site into the Deny List To manually enter a Web site in the Deny List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering >...
Page 172 10: U HAPTER SING ONTENT ILTERING Loading Entries From A text file containing a list of domain names, IP addresses or IP address a File into the Allow ranges, can be loaded into the Allow List or Deny List. To do this: List or Deny List 1 Log in to the Web interface.
Page 173: Clearing The Allow List Or Deny List
Setting Up Allow Lists and Deny Lists Each line in the file must not exceed 75 characters in length. Blank lines are ignored. There must be no spaces at the beginning of a line. The list can contain a maximum of 900 entries. If loading the file results in more than 900 entries, all subsequent entries after the limit has been reached will not be loaded into the list.
Page 174: Keyword Blocking
Keyword blocking allows the Webcache to prevent access to URLs containing particular words. Keyword Blocking can be enabled when you set up the Webcache for Manual Content Filtering or 3Com Web Site Filtering. You may specify a list of up to 900 URL keywords to the Webcache.
Page 175 Keyword Blocking 5 If you want to remove an entry from the list, click on an entry and click Remove. To delete all entries at once, click Remove All. Loading Entries From A text file containing a list of keywords can be loaded into the Keyword a File into the Blocking List.
Page 176: Clearing The Keyword Blocking List
10: U HAPTER SING ONTENT ILTERING There must be no spaces at the beginning of a line. The List can contain a maximum of 900 entries. If loading the file results in more than 900 entries, all subsequent entries after the limit has been reached will not be loaded.
Page 177 Customizing the Content Filter Response Screen If the client machine is blocked by Web Client Blocking, the Customize Response screen will not appear. To customize the response using the Web interface: 1 Click Content Filter on the Toolbar. 2 Select Webcache Filtering > Custom Response in the Navigation Tree. 3 Enter up to 512 characters of text or HTML code in the Add This Text field that you want to add to the response screen that informs the end user that access has been denied.
Page 178 10: U HAPTER SING ONTENT ILTERING...
Page 179 ONTROLLING ACHING Chapter 11 Controlling How Web Sites Are Cached Chapter 12 Preloading Content...
Page 181 ONTROLLING ITES ACHED This chapter contains information about Cache Control Clearing the Cache Cache Bypass...
Page 182: Setting Up Cache Control
11: C HAPTER ONTROLLING ITES ACHED Cache Control Cache Control allows you to control the caching behavior of the Webcache for specific Web sites. Cache control works in any deployment mode and has two functions: Cache Control can be used to reduce traffic across your WAN network and improve response time to your clients by pinning content for a period of time between an hour and a week.
Page 183 Cache Control Manually entering each Web site in the Edit List screen. Loading an existing list of Web sites from an external text file in the Load List From File screen. A combination of the above methods. Manually Entering a Web Site Into the Cache Control List To manually enter a Web site in the Cache Control List: 1 Log in to the Web interface.
Page 184 11: C HAPTER ONTROLLING ITES ACHED Alternatively, if you want the Webcache to cache and use the material from the site for a week, select Pin for one week instead of Never Cache. You must follow all of the rules listed in the “Domain Name System Syntax”...
Page 185: Saving The Cache Control List
900 entries in the Cache Control List, all subsequent entries after the limit has been reached will not be loaded into the List. Valid examples are: www.3com.com 0 www.domain1.com 2 www.domain2.com 24 215.115.0.0 48 216.115.0.0-216.115.255.255 168...
Page 186: Clearing The Cache
11: C HAPTER ONTROLLING ITES ACHED To clear the Cache Control List: 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Cache Control > Clear List in the Navigation Tree. 4 Click OK to clear the Cache Control List. The clear list process may take a few seconds to complete, depending on the number of entries in the list.
Page 187 Call Logging information. If this happens, add the IP address of your NBX system to the Client Bypass list. 3Com maintains a list of IP addresses of Websites that do not work correctly with Transparent Webcaches. Please check 3Com's Knowledgebase for the current list.
Page 188: Setting Up Cache Bypass
11: C HAPTER ONTROLLING ITES ACHED You can create a list of Web site IP addresses or address ranges. All requests from client machines to those domains will bypass the Webcache and go straight to the origin server. You can only use Cache Bypass lists when the Webcache is deployed in Transparent Cache mode.
Page 189 Cache Bypass or Web sites that you want to add to the list and click Add. Repeat this for each IP address that you want to bypass. Example You can enter to bypass that IP address 216.115.0.0-216.115.255.255 range, or enter to bypass that IP address.
Page 190: Saving The Cache Bypass Lists
11: C HAPTER ONTROLLING ITES ACHED The load list process may take a few seconds to complete, depending on the number of entries in the file. Load List Rules There are certain rules that you must follow when loading a list of Web sites into the Client Bypass and Web Site Bypass Lists.
Page 191: Clearing The Cache Bypass Lists
Cache Bypass Clearing the Cache You can use the Clear List screen to delete all the current entries in the Bypass Lists Cache Bypass List(s). To clear the Cache Bypass List(s): 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Cache Bypass >...
Page 192 11: C HAPTER ONTROLLING ITES ACHED...
Page 193 This chapter contains information about preloading Web sites into your Webcache before they are requested by clients browsing the Web. It is split into the following sections: Introduction Setting up Content Preload Preloading a Site Checking the Status of Scheduled Tasks Using the 3Com Web Scheduler Browser Client...
Page 194: Introduction
12: P HAPTER RELOADING ONTENT Introduction The Preload Content Feature enables the administrator and other authorized users to preload required sites onto the Webcache before they are requested. These preloads can be done manually or run on a schedule outside working hours and enable you to store content in the Webcache that you know will be required by a client’s Web browser.
Page 195 Status of Scheduled Tasks” page 199. Using the 3Com Web Scheduler Browser Client — The Webcache is shipped with a Browser plug-in for Microsoft Internet Explorer that allows designated users to schedule Content Preload tasks. See “Using the 3Com Web Scheduler Browser Client”...
Page 196: Preloading A Site
Web Scheduler Browser Client allows users who do not have the administration password to set up Preload Tasks using Internet Explorer. If you do not check this box the 3Com Web Scheduler Browser Client will not be able to access or create preload tasks on the Webcache. See “Using the 3Com Web Scheduler Browser Client”...
Page 197: Adding/Editing Scheduled Tasks
6 Enter or amend the Starting URL for the task. This is often the base URL for a site e.g. but can be any URL that you can http://www.3com.com enter from a Web browser. 7 Select Recursion Level from the drop-down box. The Recursion Level determines how deep the Webcache is to scan when looking for pages to preload.
Page 198: Temporarily Disabling A Scheduled Task
12: P HAPTER RELOADING ONTENT 10 Select the frequency of the preload task from Every Hour, Every Day, Every Week or Once. 11 Select the start time from the at: drop-down box. The preload task will start at the specified time of day but will not have a guaranteed finish time since it is conditional on the Web site and the performance of the Internet.
Page 199: Deleting Scheduled Tasks
Checking the Status of Scheduled Tasks 4 Select a Preload Task from the list. 5 Click Preload Now. The preload will start regardless of the scheduled time. 6 Click OK to return to the Web interface. You can only force one preload task at a time. If you try to force a preload task whilst another is running, you will be given the option to abort the current task.
Page 200: Viewing Details Of Scheduled Tasks
12: P HAPTER RELOADING ONTENT Last Complete Status — Shows if the preload task failed. A preload task has failed if no Web objects were retrieved. If the task retrieved any objects the word OK is displayed. Last Complete Time — Displays the time at which the task last completed.
Page 201: Client
7 Click Finish on the Preload Task Status screen to return to the Web interface. Using the 3Com The 3Com Web Scheduler Browser Client is a browser plug-in that allows Web Scheduler designated users to create, view, amend preload tasks without accessing Browser Client the Web interface of the Webcache.
Page 202 HAPTER RELOADING ONTENT 4 Ensure that the Enable 3Com Web Scheduler Browser Client box is checked. 5 Click the Change Password button, choose a password for the 3Com Web Scheduler Browser Client, and enter it in the Password box. You must supply this password to users of the 3Com Web Scheduler Browser Client to allow them to use this feature.
Page 203 4 In the Connection tab of the window enter the IP address of the Webcache and the Preload Account Password (as set up in “Configuring the Webcache for the 3Com Web Scheduler Browser Client” page 201). 5 In the File Location tab of the window enter the location where the user is to store their preload tasks ready for transfer to the Webcache.
Page 204 12: P HAPTER RELOADING ONTENT...
Page 205 ONITORING EBCACHE Chapter 13 Monitoring System Events Chapter 14 Performance Monitoring Chapter 15 System Diagnostics...
Page 207 ONITORING YSTEM VENTS This chapter contains information about the system events that can occur on the Webcache 1000/3000. It covers the following topics: System Events Email Notification SNMP Traps Automatic System Events...
Page 208: Configuring Email Notification
The emails are generated internally within the Webcache in a fixed format that is also used by 3Com Network Supervisor. The emails can be sent to as many accounts as you like.
Page 209 Email Notification 3Com recommends that you use the domain name of the Webcache as the email address. If you have entered “webcache” as the host name and “mycompany.com” as the DNS domain name of the Webcache, then you would enter “webcache@mycompany.com” as the email address.
Page 210: Smtp Authentication
13: M HAPTER ONITORING YSTEM VENTS A preload task has failed. Content Filtering Events This includes the following events: The content filter license has expired. The Websense Enterprise server is unreachable. In addition to the above, the Webcache automatically generates the email notifications shown in “Automatic System Events”...
Page 211 Email Notification CRAM-MD5. Both Windows Exchange and Unix servers support Plain authentication. Disabling SMTP Authentication If you disable SMTP Authentication by leaving Enable SMTP Authentication blank and not specifying an SMTP Username and SMTP Password, the SMTP server will attempt to authenticate email in the following way: If the SMTP server reports that it cannot accept unauthenticated email, the email will fail.
Page 212: Snmp Traps
13: M HAPTER ONITORING YSTEM VENTS SNMP Traps You can configure the Webcache to automatically generate Simple Network Management Protocol (SNMP) traps when certain significant system events occur. An SNMP trap is a message generated by the Webcache in response to a particular event. It is sent to a specified network management station in your network which receives and filters it.
Page 213 Private community string will gain read and write access to the Webcache to change its status or configuration. 3Com recommends that you change the default community strings to prevent unwanted users from gaining access to the Webcache.
Page 214: Automatic System Events
This is a and is attempting to reboot major failure. Contact 3Com itself. Technical support. System Error (too many The 3Com Webcache is in The 3Com Webcache is in The Webcache has failed reboots) System Error. Reboot System Error. Reboot...
Page 215 You can continue to use the Webcache. Caching Disk Failed Cache Storage device 'The 3Com Webcache has a A cache storage device <0,1,2> has failed in the disk failure for disk number: within the Webcache has 3Com WebCache. Please <0,1,2>.
Page 216 Click here to run the displayed. Software Upgrade wizard: http://nnn.nnn.nnn.nnn Software Upgrade 3Com Webcache unable to 3Com Webcache unable to The Webcache has failed to Download Failed retrieve information from retrieve information from download the new software upgrade detection server upgrade server.
Page 217 Automatic System Events System Event Email Message SNMP Trap Message Description Content Filter License The content filtering license The content filtering license The licence is about to Warning for the Webcache has for the Webcache has expire. Renew within the expired.
Page 218 13: M HAPTER ONITORING YSTEM VENTS...
Page 219 ERFORMANCE ONITORING This chapter contains information about monitoring the performance of the Webcache 1000/3000. It covers the following topics: Performance Monitoring Viewing Performance Graphs Viewing Caching Performance Graphs Viewing System Performance Graphs Viewing I/O Performance Graphs Emailing Performance Graphs...
Page 220: Performance Monitoring
The System Performance and I/O Performance graphs show more detailed information which is intended for use by your System Administrator and 3Com support personnel. Performance monitoring is always enabled; you cannot turn it off. You can also set up automatic emailing of the performance graphs to specified email accounts, enabling you to easily demonstrate the benefits of the Webcache to other people within your organization.
Page 221 Viewing Performance Graphs calculated as the ratio of bytes served by the Webcache to total requested bytes. A high graph rating is desirable because it indicates that the Webcache has reduced WAN bandwidth use. A low graph rating indicates the opposite. Hit Rate The hit rate reveals how effective the Webcache is at dealing with HTTP requests sent by clients.
Page 222 14: P HAPTER ERFORMANCE ONITORING Webcache’s peak capacity — will normally improve the caching behavior. However, a very low or zero request rate might indicate that the Webcache is not receiving the requests correctly and furthermore suggests that there is a problem with the setup and the deployment mode.
Page 223: Viewing I/O Performance Graphs
Connections timing out due to excessive traffic. Filtering Block Rate The percentage of requests from users that were blocked or logged by 3Com Web Site Filtering and Manual Filtering. If Websense Enterprise filtering is enabled, the Filtering Block Rate will always show zero.
Page 224: Viewing System Performance Graphs
14: P HAPTER ERFORMANCE ONITORING The Webcache has its own internal cache of DNS entries. The DNS Hit Rate shows how effective this cache is being in avoiding DNS lookups to the DNS server. Viewing System To view the System Performance graphs select System from the Performance Graphs navigation tree.
Page 225: Configuring Email Performance Graphs
“webcache@3com.com”. The partial address “webcache” would be rejected by the server. 3Com recommends that you use the domain name of the Webcache as the email address. If you have entered “webcache” as the host name and “mycompany.com” as the DNS domain name of the Webcache, then you would enter “webcache@mycompany.com”...
Page 226 14: P HAPTER ERFORMANCE ONITORING 12 In the Realm/Domain Name field, you can enter the Unix realm or Windows domain that the SMTP user belongs to, or leave the field blank. For further information about how SMTP Authentication operates on the Webcache, see “SMTP Authentication”...
Page 227 YSTEM IAGNOSTICS This chapter contains information about troubleshooting the configuration and network connectivity of the Webcache 1000/3000. It covers the following topics: System Diagnostics Pinging Other Devices Tracing IP Addresses System Log...
Page 228: System Diagnostics
15: S HAPTER YSTEM IAGNOSTICS System Diagnostics You can use the various system diagnostic capabilities of the Webcache to help you identify any problems that may occur. Ping — Ping other devices on the network. Trace Route — Trace the network hops to a device on your network. System Log —...
Page 229: Tracing Ip Addresses
Tracing IP Addresses You can interrupt a PING request at any time by clicking Stop. Some network environments block PING traffic on the network. The PING request may therefore fail even if the network device is operating normally. Tracing IP The Trace Route feature allows you to display the network hops from the Addresses Webcache to a device on an IP network.
Page 230: System Log
4 You can choose to save the contents of the System Log onto a single management station in your network that has syslog analysis tools. This is of particular benefit if you are working with 3Com support personnel. Enter the IP address of the syslog server in the Enter Syslog Server IP Address field to enable this feature.
Page 231 System Log should only enable it if you have been instructed to do so by 3Com support personnel. What is a Syslog Syslog is a standard protocol for reporting system events that occur on Server? the Webcache and most other modern network devices. A syslog server allows you to capture these system events, store them and display them in a variety of formats.
Page 232: Viewing The System Log
Click Refresh to update the information that is displayed. The System Log is primarily intended to be used by your System Administrator and 3Com support personnel to troubleshoot the Webcache.
Page 233 ANAGING EBCACHE OFTWARE Chapter 16 Configuration Management Chapter 17 Software Upgrades...
Page 235 ONFIGURATION ANAGEMENT This chapter contains information about saving and restoring the configuration settings of the Webcache 1000/3000. It covers the following topics: Saving and Restoring Configurations Saving a Configuration Restoring a Configuration...
Page 236: Saving And Restoring Configurations
To do this, you need to install the software image of the previous software version. This is available either on the CD supplied with the Webcache or on the 3Com FTP site. You need to perform a software installation to return the Webcache to a previous working software version.
Page 237: Saving A Configuration
Saving a Configuration If you had not previously saved a system configuration file for the older software version, you would still be able to install a previous software image, but you would have to re-enter all of the configuration settings. CAUTION: You cannot restore a system configuration which was created on a different software version to the version that the Webcache is currently running.
Page 238: Restoring A Configuration
The Webcache will automatically prompt you to save the current system configuration of the Webcache before you perform a software upgrade or a software installation. 3Com recommends that you always save the current system configuration of the Webcache before you make any significant changes to the configuration of the Webcache.
Page 239 OFTWARE PGRADES This chapter contains information about upgrading and installing the management software of the Webcache 1000/3000. It covers the following topics: Software Upgrades Software Downgrades Detecting a Software Upgrade Performing a Software Upgrade...
Page 240: Software Upgrades
The configuration of the Webcache is preserved after a software upgrade has been performed; you do not have to re-configure the settings. 3Com recommends that you configure the Webcache to automatically detect new software versions. Software Upgrade...
Page 241: Unsuccessful Software Upgrades
Webcache checks for a new software version every 24 hours after it was last rebooted, at the same time each day. You should leave the Upgrade Detection Settings screen at its factory default settings, unless you are instructed to change them by 3Com support personnel.
Page 242 If you want to disable automatic detection, and instead perform software upgrades from a file on a local server, ensure that Enable Automatic Software Upgrade Detection is unchecked. 4 The default FTP site settings are displayed: FTP Server Address: ftp.3com.com FTP Server Directory: pub/webcache Username: anonymous Password: Webcache@hostname.domainname...
Page 243: Performing A Software Upgrade
You may want to change the FTP site in order to download a software upgrade from a location other than the default 3Com FTP site. You can restore the FTP site to the factory defaults by clicking Restore Defaults.
Page 244 The Save Configuration operation saves the Webcache’s current system configuration as a file in another location on your network. 3Com recommends that you save your system configuration settings before you perform a software upgrade. Saving the configuration settings ensures that you can recover your entire system configuration if you need to re-install an older software version.
Page 245 License to read the 3Com End User Software License agreement. You cannot accept or decline the agreement until you have read it. 9 The 3Com End User Software License is displayed. Carefully read it and click Print if you want to print it out. Click Done to continue.
Page 246 License to view the 3Com End User Software License agreement. You cannot accept or decline the agreement until you have viewed it. 8 The 3Com End User Software License is displayed. Carefully read it and click Print if you want to print it out. Click Done to continue.
Page 247 Performing a Software Upgrade 12 The software upgrade may take several minutes to complete. The Software Upgrade Successful screen is displayed when the software upgrade has been successful. 13 Click Reboot to exit the Upgrade Software wizard and reboot the Webcache.
Page 248 17: S HAPTER OFTWARE PGRADES...
Page 249 VIII OMMAND NTERFACE Chapter 18 Command Line Interface...
Page 251 OMMAND NTERFACE The Webcache 1000/3000 has a Command Line Interface that allows you to manage certain features from a terminal. You may want to use the Command Line Interface to setup the Webcache for management through the console port or over your network via Telnet. This chapter describes how to access and use the Command Line Interface.
Page 252: A Quick Guide To The Commands
18: C HAPTER OMMAND NTERFACE A Quick Guide to Table 10 describes the commands that are available in the Command Line the Commands Interface. Table 10 Command Line Interface commands Command What does it do? Specifies basic setup information for the Webcache. gettingStarted Exits the current user from the Command Line Interface.
Page 253: Getting Started
Getting Started Getting Started The Getting Started command allows you to quickly configure or view basic setup information for the Webcache. To configure basic setup information: 1 At the Top-level menu, enter: gettingStarted The following prompt is displayed: Enter system name: 2 Enter a system name for the Webcache.
Page 254 18: C HAPTER OMMAND NTERFACE 9 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 10 Enter a valid search domain name. The following prompt is displayed: Enter Second Search Domain 11 Enter a valid search domain name. The following prompt is displayed: Enter First DNS Server [0.0.0.0]: 12 Enter a valid Domain Network System (DNS) Server IP address.
Page 255 Getting Started If you enter primary and secondary NTP server addresses and both are available, the Webcache automatically uses the most reliable one. If you entered , the following prompt is displayed: manual Enter date [dd/mm/yy]: Enter a valid date. The following prompt is displayed: Enter time: [hour:min:sec] Enter a valid time.
Page 256: Exiting The Command Line Interface
18: C HAPTER OMMAND NTERFACE The following prompt is displayed: Enter the mode of operation (proxy, transparent, inline) [transparent]: 21 Enter either proxy transparent inline For further information, see “Deploying the Webcache in Your Network” page If you entered , the following prompt is displayed: proxy Enter the port number [8080]: 22 Enter the port number on which the Webcache will listen for traffic.
Page 257: Displaying Wan And Lan Port Summary Information
Displaying and Changing WAN and LAN Port Information To configure the WAN and LAN port settings: 1 At the Top-level menu, enter: physicalInterface portMode The following prompt is displayed: Warning: Changing the port configuration may cause loss of any existing network connections to the Webcache. Do you wish to continue (yes/no) [no]: 2 Enter if you wish to proceed, or...
Page 258: Displaying And Changing Protocol Information
18: C HAPTER OMMAND NTERFACE An example of the summary information is shown below: Port Mode Current Speed Current Duplex Autonegotiate 100M Full duplex Autonegotiate No link No link Displaying and You can display and change the Protocol information for the Webcache Changing Protocol using the commands on the IP menu.
Page 259: Specifying Domain Name System Configuration
Displaying and Changing Protocol Information 4 Enter a valid gateway IP address. The following prompt is displayed: Enter Host name: 5 Enter a valid host name. The following prompt is displayed: Enter Domain name 6 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 7 Enter a valid search domain name.
Page 260: Resetting Ip And Dns Information To Factory Default Settings
18: C HAPTER OMMAND NTERFACE 2 Enter a valid host name. The following prompt is displayed: Enter Domain name 3 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 4 Enter a valid domain name. The following prompt is displayed: Enter Second Search Domain 5 Enter a valid domain name.
Page 261 Displaying and Changing Protocol Information The following prompt is displayed: This will reset the IP and DNS configurations to factory default settings: 192.168.1.253 Default IP address 255.255.255.0 Default Subnet mask 0.0.0.0 Default gateway none Default DNS hostname Default DNS domain name: 0.0.0.0 Default First DNS server 0.0.0.0...
Page 262: Pinging Other Devices
18: C HAPTER OMMAND NTERFACE Pinging Other The PING feature allows you to send out PING requests to test whether Devices devices on an IP network are accessible and functioning correctly. This feature is useful to diagnose connectivity problems such as a failed network device between the Webcache and the web server being accessed, or to help diagnose DNS setup problems.
Page 263: Displaying Ip Summary Information
Displaying and Changing Protocol Information Displaying IP You can display IP summary information for the Webcache using the Summary command on the Protocol menu. summary Information To display the IP information, at the Top-level menu, enter: protocol summary The IP information for the Webcache is displayed. An example of the IP information is shown below: IP address: 196.168.100.1 Subnet mask: 255.255.255.0...
Page 264: Displaying And Changing Security Information
18: C HAPTER OMMAND NTERFACE 2.BW-RTR-4.EUR.3Com.COM (161.71.21.45) 26.027ms, 27.156ms, 44.902ms 3.BW-RTR-1.EUR.3Com.COM (140.204.220.15) 24.323ms, 24.854ms, 30.096ms 4.janeway (161.71.123.36) 27.303ms, 33.639ms If the device is not accessible, or is not functioning correctly, a message similar to the following is displayed: No answer from 191.128.40.121...
Page 265 Displaying and Changing Security Information The following message is displayed: By default, the web interface is available on port 80 and port 8081. You can disable the web interface on port 80. Web interface is available on TCP Port 80 (yes/no) [yes]: 2 Enter to keep the Web interface available on port 80 (the default HTTP port), or...
Page 266: Changing The Admin Password
CAUTION: 3Com recommends that you leave Password Recovery enabled. If you disable it and subsequently forget the password for the admin user name, you will have to return the Webcache to 3Com. To enable or disable password recovery: 1 At the Top-level menu, enter:...
Page 267: Displaying And Changing Webcache Information And Functions
Displaying and Changing Webcache Information and Functions The Password Recovery feature is enabled. Enter new value (enable,disable) [enable]: Displaying and You can display and change information about the Webcache using the Changing commands on the System menu. These commands allow you to: Webcache Initialize the Webcache to factory default settings Information and...
Page 268: Rebooting The Webcache
For further information, see “Configuring SNMP Community Strings” page 212. 3Com recommends that you change the default community strings to prevent unwanted users from gaining access to the Webcache. To change the community strings: 1 At the Top-level menu, enter:...
Page 269: Specifying A Contact Name
Displaying and Changing Webcache Information and Functions The following prompt is displayed: Enter new Public (Get/Read) community [public]: 3 Enter the community string for Public (Get/Read) requests to the Webcache. You can enter a maximum of 30 characters for each community string. Specifying a Contact You can specify contact name details for the Webcache using the Name...
Page 270: Displaying Summary Information
18: C HAPTER OMMAND NTERFACE Enter system name [<system name>]: 2 Enter a system name for the Webcache. The name can be up to 80 characters long. Displaying Summary You can display the summary information for the Webcache using the Information command on the System menu.
Page 271 Displaying and Changing Webcache Information and Functions Contact Displays the details of a person to contact about the Webcache. For information about assigning new contact details, see “Specifying a Contact Name” page 269. Up Time Displays the time that has elapsed since the Webcache was last reset, initialized or powered-up.
Page 272 18: C HAPTER OMMAND NTERFACE...
Page 273 ROBLEM OLVING Chapter 19 Problem Solving...
Page 275 ROBLEM OLVING This chapter contains a list of known problems and suggested solutions. It covers the following topics: Accessing the Webcache via the Console Line Accessing the Webcache via Telnet Solving Problems Indicated by LEDs Solving Web Interface Problems Solving Command Line Interface Problems Solving Webcache Performance Problems Solving Client Browser Problems Solving General Webcache Problems...
Page 276: Accessing The Webcache Via The Console Line
19: P HAPTER ROBLEM OLVING Accessing the The terminal or terminal emulator cannot access the Webcache. Webcache via the Check that: Console Line Your terminal or terminal emulator is correctly configured to operate as a generic (TTY) terminal, or a VT100 terminal. You have performed the Command Line Interface wake-up procedure by pressing [Return] a few times.
Page 277: Solving Problems Indicated By Leds
Solving Problems Indicated by LEDs Check that the connections and network cabling for the LAN port are in place. If there is still a problem, try accessing the Webcache through a different port. If you can now access the Webcache, a problem may have occurred with the original port.
Page 278 19: P HAPTER ROBLEM OLVING Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 ™ For the browser to operate the Web interface correctly JavaScript Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default. You will only need to enable them if you have changed your browser settings.
Page 279 Solving Web Interface Problems amounts of traffic on the network. Reload the Web interface by clicking Reload on the browser’s toolbar. If this does not solve the problem, go to the end of the URL in the Address field of the browser and press [Return]. This causes the page to be reloaded entirely.
Page 280: Solving Command Line Interface Problems Solving Webcache Performance Problems
Alternatively, the Webcache system time can be set manually. If you have configured the system time manually and it is inaccurate, the Webcache clock has probably drifted over time. 3Com recommends that you use the Network Time Protocol to prevent this. If this is not possible, reset the system time manually using the Time Configuration screen.
Page 281 Solving Webcache Performance Problems This service provides access to instructions about how to obtain a replacement cache storage device. As long as there is at least one working cache storage device, the Webcache will operate as a cache, but the failure of a cache storage device will degrade the performance of the Webcache.
Page 282: Solving Client Browser Problems
19: P HAPTER ROBLEM OLVING For further information about deploying the SuperStack 3 Firewall with the Webcache, see “Proxy Relay Deployment” page You have enabled Cache Bypass and the Webcache can no longer connect to the World Wide Web In a WCCP version 2.0 deployment, if the Webcache and client machines reside on the same subnet in your network, special settings are required on the Cisco router to implement the WCCP solution (see page...
Page 283: Solving General Webcache Problems
Webcache Problems Check if: The Power/Self Test LED on the front panel is Yellow or Off. This possibly indicates a system error. If so, contact 3Com support personnel. The Power/Self Test LED on the front panel is flashing Yellow. An internal emergency recovery procedure has reset the Webcache back to its factory default settings.
Page 284 Only the Webcache 3000 has accessible cache storage devices; you cannot remove them from the Webcache 1000. If a cache storage device fails in the Webcache 1000, you should return the whole unit to 3Com. If a cache storage device fails in the Webcache 3000, you can remove the device and return it to 3Com for replacement.
Page 285 PPENDICES AND NDEX Appendix A Safety Information Appendix B Cable Specifications and Pin-outs Appendix C Technical Specifications Appendix D Technical Support Appendix E Default Settings for the Webcache Appendix F Replacing and Installing Cache Storage Devices Appendix G Cisco WCCP Commands Appendix H Log Formats Appendix I...
Page 287 AFETY NFORMATION You must read the following safety information before carrying out any installation or removal of components, or any maintenance procedures on the Webcache 1000/3000. WARNING: Warnings contain directions that you must follow for your personal safety. Follow all directions carefully. You must read the following safety information carefully before you install or remove the unit.
Page 288: Important Safety Information
A: S PPENDIX AFETY NFORMATION Important Safety Information WARNING: Installation and removal of the unit must be carried out by qualified personnel only. WARNING: The unit must be earthed (grounded). WARNING: The unit must be connected to an earthed (grounded) outlet to comply with European safety standards and EMC standards.
Page 289 Important Safety Information WARNING: This unit operates under SELV (Safety Extra Low Voltage) conditions according to IEC 950. The conditions are only maintained if the equipment to which it is connected also operates under SELV conditions. WARNING: The appliance coupler (the connector to the unit and not the wall plug) must have a configuration for mating with an EN60320/IEC320 appliance inlet.
Page 290 A: S PPENDIX AFETY NFORMATION Consignes importantes de sécurité AVERTISSEMENT: L'installation et la dépose de ce groupe doivent être confiés à un personnel qualifié. AVERTISSEMENT: Vous devez mettre l’appareil à la terre (à la masse) ce groupe. AVERTISSEMENT: Vous devez raccorder ce groupe à une sortie mise à la terre (mise à...
Page 291 Consignes importantes de sécurité Etats-Unis et Le cordon doit avoir reçu l'homologation des UL et un Canada certificat de la CSA Le cordon souple doit respecter, à titre minimum, les spécifications suivantes: Calibre 18 AWG Type SV ou 5J A 3 conducteurs Le cordon doit être en mesure d'acheminer un courant nominal d'au moins 10 A La prise femelle de branchement doit être du type à...
Page 292: Wichtige Sicherheitsinformationen
A: S PPENDIX AFETY NFORMATION connecteurs de données RJ-45, systèmes de réseaux de téléphonie ou téléphones de réseaux à ces prises. Il est possible de raccorder des câbles protégés ou non protégés avec des jacks protégés ou non protégés à ces prises de données. Wichtige Sicherheitsinformat ionen...
Page 293 Wichtige Sicherheitsinformationen Bedingungen sind nur gegeben, wenn auch die an das Gerät angeschlossenen Geräte unter SELV-Bedingungen betrieben werden. VORSICHT: Der Gerätestecker (der Anschluß an das Gerät, nicht der Wandsteckdosenstecker) muß eine passende Konfiguration für einen Geräteeingang gemäß EN60320/IEC320 haben. VORSICHT: Nur für Frankreich: Diese Einheit kann nicht über Anschlüsse des Typs IT†...
Page 294 A: S PPENDIX AFETY NFORMATION...
Page 295: Cable Specifications
Category 3, because it supports both Ethernet (10 Mbps) and Fast Ethernet (100 Mbps) speeds. 3Com recommends that you use Category 5 cable — the maximum segment length for this type of cable is 100 m (328 ft).
Page 296: Pin-Outs
B: C PPENDIX ABLE PECIFICATIONS AND OUTS Pin-outs Null-Modem Cable 9-pin to RS-232 25-pin Webcache 1000/3000 PC/Terminal Cable connector: 9-pin female Cable connector: 25-pin male/female Screen Shell Screen only required if screen always required Ground Ground required for handshake PC-AT Serial Cable 9-pin to 9-pin Webcache 1000/3000 PC-AT Serial Port...
Page 297 Pin-outs Modem Cable 9-pin to RS-232 25-pin Webcache 1000/3000 RS-232 Modem Port Cable connector: 9-pin female Cable connector: 25-pin male Screen Shell Screen Ground Ground RJ-45 Pin Pin assignments are identical for 10BASE-T and 100BASE-TX RJ-45 Assignments connectors. Table 12 Pin Assignments Pin Number Signal Function...
Page 298 B: C PPENDIX ABLE PECIFICATIONS AND OUTS...
Page 299 –10 ° to +70 °C (14 ° to 158 °F) Operating Humidity 10–95% relative humidity, non-condensing Standards EN60068 to 3Com schedule (Package testing: paras 2.1, 2.2, 2.30, and 2.32. Operational testing: paras 2.1, 2.2, 2.30 and 2.13). Safety Agency Certifications UL 1950, EN60950, CSA 22.2 No.
Page 300 C: T PPENDIX ECHNICAL PECIFICATIONS Standards Supported SNMP: Terminal Emulation: SNMP protocol (RFC 1517) Telnet (RFC 854) MIB-II (RFC 1213) Protocols Used for Administration: Interface MIB (RFC 1573) UDP (RFC 768) Remote Monitoring MIB (RFC IP (RFC 791) 1757) ICMP (RFC 792) TCP (RFC 793) ARP (RFC 826) TFTP (RFC 783)
Page 301: Online Technical Services
3Com recommends that you access the 3Com Corporation World Wide Web site. Online Technical 3Com offers worldwide product support 24 hours a day, 7 days a week, Services through the following online systems: World Wide Web site...
Page 302: Com Knowledgebase Web Services
Knowledgebase is updated daily with technical information discovered by 3Com technical support engineers. This complimentary service, which is available 24 hours a day, 7 days a week to 3Com customers and partners, is located on the 3Com Corporation World Wide Web site at: http://knowledgebase.3com.com...
Page 303: Support From 3Com
Support from 3Com Support from 3Com If you are unable to obtain assistance from the 3Com online technical resources discussed earlier in this appendix, or from your network supplier, 3Com offers a range of support services. Purchase of a support contract gives you priority response and is typically more cost effective than purchasing service for a specific incident.
Page 304 D: T PPENDIX ECHNICAL UPPORT Here is a list of worldwide technical telephone support numbers. These numbers are correct at the time of publication. Refer to the 3Com Web site for updated information. Country Telephone Number Country Telephone Number Asia, Pacific Rim...
Page 305: Returning Products For Repair
Returning Products for Repair Returning Products Before you send a product directly to 3Com for repair, you must first for Repair obtain an authorization number. Products sent to 3Com without authorization numbers will be returned to the sender unopened, at the sender’s expense.
Page 306 Italy 199 161346 Latin America Antigua 1 800 988 2112 Guatemala AT&T +800 998 2112 Argentina 0 810 444 3COM Haiti 57 1 657 0888 Aruba 1 800 998 2112 Honduras AT&T +800 998 2112 Bahamas 1 800 998 2112...
Page 307: Default Settings
EFAULT ETTINGS FOR THE EBCACHE Default Settings Table 14 shows the factory default settings for the Webcache: Table 14 Default Settings Feature Webcache 1000/3000 Port Status LAN Port: Enabled Auto-negotiation WAN Port: Enabled Auto-negotiation Port Speed 10BASE-T/100BASE-TX Mbps ports are auto-negotiated Duplex Mode 10BASE-T and 100BASE-TX ports are auto-negotiated...
Page 308 Web site blocking Disabled Web Client Blocking Disabled Content Filter Mode Manual Content Preload Disabled 3Com Web Scheduler Disabled Filter Exclusion Disabled Allow List Disabled Deny List Disabled If you initialize the Webcache by selecting System > Control > Initialize...
Page 309: Getting Started Wizard Settings
Getting Started Wizard Settings Host Name Domain Name System (DNS) Domain All other settings are reset to the default values shown in Table Getting Started The following table shows the settings that you can configure in both the Wizard Settings Web interface and Command Line Interface Getting Started wizards.
Page 310 E: D PPENDIX EFAULT ETTINGS FOR THE EBCACHE Setting Meaning Default Example Search Domains Search domains allow you to control how (none) test.mycompany.com unqualified URLs are handled by the mycompany.com Webcache. An example of an unqualified URL is http://info/. They are typically used for Intranet web servers.
Page 311 1, 6, 23, 123, 161, 2048, 8081-8089, 49152-65535. Ports that you use for Proxy Mode cannot also be used for Transparent Mode. 3Com recommends you use the default port number of 8080 for Proxy Mode. Port 80 is always...
Page 312 E: D PPENDIX EFAULT ETTINGS FOR THE EBCACHE...
Page 313 EPLACING AND NSTALLING ACHE TORAGE EVICES This chapter contains information about replacing failed cache storage devices and installing a third cache storage device in the Webcache 3000. It covers the following topics: Replacing a Failed Cache Storage Device Installing an Additional Cache Storage Device WARNING: You can only replace and install Cache Storage Devices without removing power from the Webcache, if the Webcache is currently running software version 2.0 or later.
Page 314: Replacing A Failed Cache Storage Device
Only the Webcache 3000 has accessible cache storage devices; you cannot remove them from the Webcache 1000. If a cache storage device fails in the Webcache 1000, you should return the whole unit to 3Com. The Webcache will continue to operate with reduced performance if at least one cache storage device is functioning normally.
Page 315 Replacing a Failed Cache Storage Device 6 If you have mounted the Webcache in a rack using the supplied rack-mounting kit, you must slide the Webcache forward by approximately 1 inch, in order to fully open the front panel. 7 Open the front panel of the Webcache, as shown in Figure Figure 37 Opening the Front Panel Cac he Stor...
Page 316: Adding A New Cache Storage Device
77094716.3290900 (correct at time of publication) Adding a New Cache You can use a new cache storage device supplied by 3Com to replace the Storage Device failed device. To add a cache storage device to the Webcache 3000: 1 If you have mounted the Webcache in a rack using the supplied rack-mounting kit, you must slide the Webcache forward by approximately 1 inch, in order to fully open the front panel.
Page 317 A mounting tray is already installed in the third bay of the Webcache 3000. You simply need to purchase a 3Com-approved hard drive and insert it into the mounting tray in the third bay. A list of approved hard drives can be found at: http://www.3com.com/sswebcache...
Page 318 F: R PPENDIX EPLACING AND NSTALLING ACHE TORAGE EVICES 6 Gently push the mounting tray back into the Webcache until it stops. 7 Push in the arms on the front of the tray to click them into place. 8 Close the front panel of the Webcache. 9 Log in to the Web interface.
Page 319 WCCP C ISCO OMMANDS The Web Cache Communication Protocol (WCCP) allows the Webcache to be connected to one or more WCCP-enabled Cisco routers in your network. There are two versions of WCCP, known as WCCP V1 and WCCP V2, which require different deployment methods. In addition to configuring the Webcache, you also need to configure the Cisco routers using the Cisco Command Line Interface: Configuring WCCP Version 1.0...
Page 320 G: C WCCP C PPENDIX ISCO OMMANDS Configuring WCCP To configure WCCP version 1.0 on a Cisco router enter the following Version 1.0 settings in the Cisco Command Line Interface: ip wccp version 1 ip wccp web-cache interface eth0 ip wccp web-cache redirect out ip route-cache same-interface exit show ip wccp...
Page 321: Configuring Wccp Version 2.0
Cisco routers allow the use of multicast groups and security passwords on a per service group basis. For WCCP version 2.0 deployment on the 3Com SuperStack 3 Webcache, all service groups must be configured identically. For example, if you set a password for one service group, you must set the same password for all the other service groups.
Page 322: Configuring Wccp Multicast
<service-id> interface ethernet0 ip wccp <service-id> redirect out General Enter the following commands: configure terminal ip wccp <service-id> group-address 224.1.1.100 password 3com interface ethernet 0 ip wccp <service-id> redirect out interface ethernet 1 ip wccp <service-id> group-listen...
Page 323: Monitoring Wccp
Configuring WCCP Version 2.0 Cache Access List To achieve better security, you can tell the router which IP addresses are valid addresses for a webcache attempting to register with the current router, using a standard access list. The following example shows a standard access list configuration session where the access list number is 10 for a sample host: Enter the following commands:...
Page 324: Configuring Wccp Version 2.0 Within A Single Subnet Enabling Cisco Express Forwarding (Cef)
G: C WCCP C PPENDIX ISCO OMMANDS Configuring WCCP If you are configuring a network where the Webcache and client Version 2.0 Within a machines reside on the same segment, special settings are required on Single Subnet the Cisco router to implement a WCCP solution. Remove the command on the router ip wccp redirect exclude in...
Page 325: Access Log Formats
ORMATS The Webcache can save its log files to an FTP server (see “Storing the Log Files” page 140). The Access Logs are saved in five formats, described “Access Log Formats” below. The format of the Filter Log is described “Filter Log Format”...
Page 326: Squid Log Format
Webcache Access Log files with WebTrends reporting tools. 3Com recommends that you select the Webtrends Extended Log Format (WELF) option and use Webtrends Log Analyzer or WebTrends Firewall Suite to analyze the access logs that the Webcache produces: http://www.webtrends.com...
Page 327: Netscape Common Format
The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client.
Page 328: Netscape Extended 2 Format
The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client.
Page 329 The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client. length The proxy response transfer length;...
Page 330: Webtrends Extended Log Format
H: L PPENDIX ORMATS WebTrends Extended Table 20 lists the WebTrends Extended Log Format logging fields. Log Format The format of WebTrends Extended Log Format log file entries is: id=firewall time fw pri proto duration sent rcvd src dst dstname user op arg result ref agent cache Table 20 WebTrends Extended Log Format (WELF) logging fields WebTrends Meaning...
Page 331: Filter Log Format
WebTrends Meaning Examples dstname The more user-friendly version of the dst= field. dstname=Webcache 3000 #1 dstname=www.3com.com user The user name is logged in this field. user=admin For HTTP and FTP requests, this is the operation such as op=GET GET, POST, etc.
Page 332 H: L PPENDIX ORMATS Table 21 Filter Log Format logging fields (continued) Filter Log Meaning ident The client authenticated user name if per-user authentication is enabled. If per-user authentication is not enabled, this field has the value "-". category The filter category (one of those described in Section 3.2.2) that prevented the access, e.g.
Page 333 RACE OUTE YMBOLS The Trace Route feature allows you to display the network hops from the Webcache to a device on an IP network. A symbol may be displayed after a network hop which provides further information about that hop. The symbol may indicate systems that are unwilling to participate in a traceroute, or a problem with the system concerned.
Page 334 I: T PPENDIX RACE OUTE YMBOLS...
Page 335: Core Categories
EFINITIONS Core Categories The 3Com Web Site Filter groups sites in the Core Categories so that you can block individual topics. The Web Site Filter will also block entire web hosting sites (ISPs) under all core categories. This is because such sites...
Page 336: Gambling
J: C PPENDIX ATEGORY EFINITIONS Alcohol and tobacco manufacturers' commercial Web sites. Sites detailing how to achieve ‘legal highs’, glue sniffing, misuse of prescription drugs or abuse of other legal substances. Sites that make available alcohol, illegal drugs, or tobacco free or for a charge displaying, selling, or detailing use of drug paraphernalia.
Page 337: Productivity Categories
News, historical, or press incidents that may include the above criteria (except in graphic examples) and are not blocked. Productivity The 3Com Web Site Filter aims to primarily cover the 20% of web sites Categories that generate 80% of the traffic under the productivity categories. The entire internet is simply large to filter and still perform satisfactorily.
Page 338: Games
J: C PPENDIX ATEGORY EFINITIONS Celebrity fan sites. City Guides. Games This includes: Web sites that allow a user to download or play online games. Tips and advice on playing computer and Internet-based games. Journals and magazines dedicated to game playing. Web sites hosting games and contests.
Page 339: Investment
Productivity Categories Investment This includes: Web sites that provide stock quotes, stock tickers and fund rates. Web sites that allow stock or equity trading online. Investing advice or contacts for trading securities. Money management/investment services or firms. Job Search This includes: Sites hosting job and resume listings.
Page 340: Shopping
J: C PPENDIX ATEGORY EFINITIONS Shopping This includes: Internet malls and online auctions. Department stores, retail stores, company catalogs online. Online downloadable product warehouses; specialty items for sale. Companies online dedicated to freebies or merchandise giveaways. Sports This includes: Official team or conference Web sites. National, international, college, professional scores and schedules.
Page 341 LOSSARY 3Com Network The 3Com umbrella management system used to manage all of 3Com’s Supervisor networking solutions. 3Com Web Scheduler A Web browser plug-in that allows permitted users to schedule content preloads without administrator access to the Webcache. 10BASE-T The IEEE specification for 10 Mbps Ethernet over Category 3, 4 or 5 twisted pair cable.
Page 342 LOSSARY client machine A computer, printer or server that is connected to a network. In this User Guide, client machine is used to describe a machine on your network which is running a Web browser such as Internet Explorer or Netscape Navigator.
Page 343 LOSSARY fresh Content stored in the cache can either be fresh (also known as current) or stale (also known as expired). If it is fresh, the content is up to date and the Webcache serves it to the client machine as a cache hit. See also current.
Page 344 LOSSARY IP address Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with periods (full-stops), and is made up of a network section, an optional subnet section and a host section. Local Area Network.
Page 345 LOSSARY PING Packet Internet or Inter-Network Gropher. This feature allows you to send out a PING request to test whether devices on an IP network are accessible and functioning correctly. protocol A set of rules for communication between devices on a network. The rules dictate format, timing, sequencing and error control.
Page 346 LOSSARY TCP relates to the content of the data travelling through a network — ensuring that the information sent arrives in one piece when it reaches its destination. IP relates to the address of the client machine to which data is being sent, as well as the address of the destination network. Telnet A TCP/IP application protocol that provides a virtual terminal service, letting a user log into another computer system and access a device as...
Page 347 LOSSARY WPAD Web Proxy Auto-Discovery. This protocol enables the Web browser on client machines to automatically find and load proxy configuration information from a server without user intervention.
Page 348 LOSSARY...
Page 349 188 Cache Control 182 Numbers creating a list 182 10BASE-T/100BASE-TX port 63 setting up 182 3Com Knowledgebase Web services 302 cache storage device 3Com Network Supervisor 24, 208 adding 316 3Com URL 301 additional 317 3Com Web Scheduler 201...
Page 350 32 documentation 60 stale 32 release notes 60 content filtering user guide 60 3Com Web Site 147 Domain Name System (DNS) 28 allow/deny lists 169 syntax 28 blocking response screen 161 customizing the response screen 176 exclusion lists 166...
Page 351 NDEX factory defaults 65, 307 LAN port 63, 77 filter policy Hotspot 97 creating 152 LEDs 64 forcing a preload LEDs preloading content 198 color 69 forgetting your password 106 front panel 61 front panel 61 activity 62 front panel LEDs 61 cache storage status 61 activity 62 link status 61...
Page 352 NDEX modem cable 75 caching 220 pin-outs 297 abort and error rate 222 monitoring performance 219 bandwidth saving 220 monitoring Web access 139 filtering block rate 223 MRTG license 358 hit and miss latencies 222 hit rate 221 request rate 221 throughput 222 name command 269 I/O 223...
Page 353 NDEX Proxy Auto Configuration (PAC) 48 SMTP Client license 358 proxy cache 45 SNMP 212 manually configuring Web browsers 47 community string 268 Proxy Auto Configuration (PAC) 48 community strings 212 Web Proxy Auto-Discovery (WPAD) 49 SNMP traps 212 proxy mode 63 software upgrades 240 proxy relay 44 software 235, 239...
Page 354 Web client blocking creating a list 163 saving the list 185, 190 technical specifications 299 Web content technical support current 32 3Com Knowledgebase Web services 302 expired 32 3Com URL 301 fresh 32 network suppliers 302 stale 32 product repair 305...
Page 355 For example, if you purchased a five (5) pack license for a specific 3Com product, you may use it on five (5) units of such 3Com product. Otherwise, the Software and Documentation may be copied only as essential for backup or archive purposes in support of your use of the Software as permitted hereunder.
Page 356 Documentation, and may be amended only in a writing signed by both parties. Should you have any questions concerning this Agreement or if you desire to contact 3Com for any reason, please contact the 3Com subsidiary serving your country, or write: 3Com Corporation, Customer Support...
Page 357 TRADE SECRETS; TITLE: You acknowledge and agree that the structure, sequence and organization of the Product are the valuable trade secrets of 3Com and its suppliers. You agree to hold such trade secrets in confidence. You further acknowledge and agree that ownership of, and title to, the Product and all subsequent copies thereof regardless of the form or media are held by 3Com and its suppliers.
Page 358 ENTIRE AGREEMENT: This Agreement sets forth the entire understanding and agreement between you and 3Com and supersedes all prior agreements, whether written or oral, with respect to the Product, and may be amended only in a writing signed by both parties.
Page 359 recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary.
Page 360 code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
Page 361 COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.
Page 362 EGULATORY OTICES FCC S TATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.

This manual is also suitable for:

Superstack 3 webcache 1000

3Com SUPERSTACK 3 WEBCACHE 3000 User Manual

About this Guide

Started

1 Web Caching Concepts and Deployment

2 Installing the

Webcache

4 Using the Webinterface

5 Securing Access to Thewebcachemanagement

6 Configuringdeploymentmodes

7 Static Routes

8 System Time

9 Monitoring Web Access

3 Com Web Site Filter

Quick Links

Related Manuals for 3Com SUPERSTACK 3 WEBCACHE 3000

Summary of Contents for 3Com SUPERSTACK 3 WEBCACHE 3000