Summary of Contents for 3Com SUPERSTACK 3 WEBCACHE 3000
Page 1
SuperStack ® Webcache User Guide SuperStack 3 Webcache 1000 3C16115 SuperStack 3 Webcache 3000 3C16116 SuperStack 3 Web Site Filter 3C16118 http://www.3com.com/ Part No. DUA1611-5AAA04 Published November 2002...
Page 2
All other company and product names may be trademarks of the respective companies with which they are associated. ENVIRONMENTAL STATEMENT It is the policy of 3Com Corporation to be environmentally-friendly in all operations. To uphold our policy, we are committed to: Establishing environmental performance standards that comply with national legislation and regulations.
Product Registration ETTING TARTED ACHING ONCEPTS AND EPLOYMENT What is the Webcache? The Webcache and 3Com Network Supervisor Before You Begin Network Configuration Concepts IP Addresses IP Address Rules Subnets and Using a Subnet Mask Domain Name System Domain Name System Syntax...
Page 4
WCCP Version 2 Proxy Relay Deployment Proxy Cache Deployment Manual Configuration Proxy Auto Configuration (PAC) Files Web Proxy Auto-Discovery (WPAD) Third-party Tools Inline Cache Deployment Parent Caching How does Parent Caching Work? Parent Caching Network Example ICP Caching NSTALLING THE EBCACHE Package Contents Webcache —...
Page 5
II M ANAGING THE EBCACHE CLI I SING THE NTERFACE Accessing the Command Line Interface Accessing the Command Line Interface Through the Console Port Accessing the Command Line Interface Over the Network Logging In To the Command Line Interface Exiting the Interface Understanding the Command Line Interface Entering Commands Displaying Menus...
Page 6
Performing Password Recovery III C ONFIGURING THE EBCACHE ONFIGURING EPLOYMENT ODES Configuring Transparent Cache Mode Configuring WCCP V1 Configuring WCCP V2 Configuring Proxy Relay with the SuperStack 3 Firewall Configuring Proxy Cache Mode Creating a Proxy Auto-configuration File Using the Webcache as a PAC File Server Configuring the Client Web Browser Configuring Inline Cache Mode Configuring Parent Caching...
Page 7
Understanding Content Filtering Modes 3Com Web Site Filter Registering the Webcache Activating the Web Site Filter Downloading a New Web Site Filter Setting Up the 3Com Web Site Filter Setting Up Filtering Policies Testing a URL Websense Enterprise Filtering Acquiring the Websense Enterprise Filtering Software...
Page 8
Setting Up Web Client Blocking Creating a Web Client Blocking List Saving the Web Client Blocking List Clearing the Web Client Blocking List Filter Exclusions Setting Up Filter Exclusion Lists Editing the Filter Exclusion List Loading Entries From a File into the Filter Exclusion List Saving the New Filter Exclusion List Clearing the Filter Exclusion List Setting Up Allow Lists and Deny Lists...
Page 9
Deleting Scheduled Tasks Checking the Status of Scheduled Tasks Viewing Details of Scheduled Tasks Using the 3Com Web Scheduler Browser Client Configuring the Webcache for the 3Com Web Scheduler Browser Client Installing the 3Com Web Scheduler Browser Client VI M...
Page 10
Viewing I/O Performance Graphs Viewing System Performance Graphs Emailing Performance Graphs Configuring Email Performance Graphs YSTEM IAGNOSTICS System Diagnostics Pinging Other Devices Performing a Ping Tracing IP Addresses Performing a Trace Route System Log Configuring the System Log What is a Syslog Server? Obtaining a Syslog Server Viewing the System Log VII M...
Page 11
VIII C OMMAND NTERFACE OMMAND NTERFACE A Quick Guide to the Commands Getting Started Exiting the Command Line Interface Displaying and Changing WAN and LAN Port Information Configuring the WAN and LAN Ports Displaying WAN and LAN Port Summary Information Displaying and Changing Protocol Information Specifying Basic Network Configuration Specifying Domain Name System Configuration...
Page 12
PC-AT Serial Cable Modem Cable RJ-45 Pin Assignments ECHNICAL PECIFICATIONS ECHNICAL UPPORT Online Technical Services World Wide Web Site 3Com Knowledgebase Web Services 3Com FTP Site Support from Your Network Supplier Support from 3Com Internet Support Telephone Support Returning Products for Repair...
Page 13
EFAULT ETTINGS FOR THE EBCACHE Default Settings Getting Started Wizard Settings EPLACING AND NSTALLING ACHE TORAGE EVICES Replacing a Failed Cache Storage Device Removing the Failed Cache Storage Device Adding a New Cache Storage Device Installing an Additional Cache Storage Device WCCP C ISCO OMMANDS...
Page 14
Drugs/Alcohol Gambling Violence Hate Speech Productivity Categories Astrology and Mysticism Entertainment Games General News Glamour and Intimate Apparel Hobbies Investment Job Search Motor Vehicles Personals and Dating Real Estate Shopping Sports Travel Usenet News ChatBlock...
Most user guides and release notes are available in Adobe Acrobat Reader Portable Document Format (PDF) or HTML on the 3Com World Wide Web site: http://www.3com.com/...
BOUT UIDE Conventions Table 1 and Table 2 list conventions that are used throughout this guide. Table 1 Notice Icons Icon Notice Type Description Information note Information that describes important features or instructions Caution Information that alerts you to potential loss of data or potential damage to an application, system, or device Warning Information that alerts you to potential personal injury...
There are other publications you may find useful, such as: Documentation accompanying 3Com Network Supervisor. This is supplied on the CD-ROM that accompanies the Webcache. Documentation accompanying switches capable of Layer 4 redirection...
3Com product documentation at this e-mail address. Questions related to technical support or sales should be directed in the first instance to your network supplier. Product You can now register your SuperStack 3 Webcache on the 3Com Web Registration site: http://www.3com.com/register/...
This chapter contains information about the concepts of web caching and the ways in which you can deploy the Webcache within your network. It covers the following topics: What is the Webcache? The Webcache and 3Com Network Supervisor Before You Begin Network Configuration Concepts Web Caching Overview...
Access Logs show you who has used the Internet and where they have been. The Webcache and The latest version of 3Com Network Supervisor is supplied on the 3Com Network CD-ROM that accompanies the Webcache. 3Com Network Supervisor Supervisor provides powerful, intuitive network management for small to medium enterprise networks.
LAN, it discovers the Webcache automatically and displays it on the topology map. The topology map indicates that the Webcache is a 3Com Webcache and uses a caching icon to represent it. Double-clicking on the caching icon launches the Web interface of the Webcache.
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT is a grouping of computers with related properties. For example you might group all computers in your company in the domain mycompany.com Example The internet (DNS) name is formed by webcache.mycompany.com combining the Host Name with the DNS domain webcache mycompany.com...
Network Configuration Concepts These suggested IP addresses are part of a group of IP addresses that have been set aside specially for use “in house” only. CAUTION: If your network has a connection to the external IP network, you must apply for a registered IP address. This registration system ensures that every IP address used is unique;...
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT The second part identifies the device on that subnet. The bits of the subnet mask are set to 1 if the device is to treat the corresponding bit in the IP address as part of the original network number or as part of the subnet number.
Network Configuration Concepts The host name must not exceed 63 characters in length. The host name must be comprised of alphanumeric characters, - (hyphens) and _ (underscores). You cannot enter a host name containing a space character. Domain Name The domain name must be at least 1 character long. Each character string can only be comprised of alphanumeric characters, (hyphens) and...
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT This hop-by-hop process continues until the IP packets reach the remote destination. The default router should be a device that is closer than the Webcache to the WAN link in your network, which the Webcache can send Web requests to in order to retrieve Web objects from the Internet.
Page 31
Web Caching Overview between the client machines and the origin Web servers. The Webcache then intercepts and serves requests from the client machines for Web content in the following way: 1 A URL is entered into a Web browser by a user on a client machine in your network.
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Current and Expired Content stored in the cache can either be current (also known as fresh) or Content expired (also known as stale). If it is current, the content is up to date and the Webcache serves it to the client machine as a cache hit.
Page 33
Transparent caching solution. Therefore the Web browser on each client machine does not have to be configured. 3Com recommends that you deploy your Webcache on the LAN side of a firewall, or on the SuperStack 3 Firewall's DMZ port as described in “Proxy Relay Deployment”...
Page 34
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT There are various configuration solutions for Transparent and Proxy caching which are summarized in Table Table 3 Summary of Deployment Modes Transparent caching Transparent Cache An overview of the Transparent cache deployment mode. page 36 Deployment Layer 4 redirecting switch.
Choosing a Deployment Mode Choosing a The flow chart shown in Figure 4 is a guide to choosing the most suitable Deployment Mode deployment mode for the Webcache in your network. Figure 4 Choosing a Deployment Mode...
112. Figure 5 Transparent Cache Deployment Suitable 3Com Layer 4 redirection devices include switches and the SuperStack 3 Server Load Balancer (refer to the documentation supplied with your switch to find out if it is capable of Layer 4 redirection).
Transparent Cache Deployment Advantages You do not have to configure the Web browser on each client machine that you want to access the Webcache. Deployment of the Webcache within your network is therefore easier to achieve and manage because you only need to configure the Layer 4 Redirection device and the Webcache itself.
Page 38
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Deploying the The following example describes how to install the SuperStack 3 Switch SuperStack 3 Switch 4400, Switch 4924 or Switch 4950 as a Layer 4 Redirection device. The 4400, 4924 or 4950 network layout is shown in Figure 6 below.
Page 39
Transparent Cache Deployment Important Considerations for the Switch 4400 This section contains some important considerations when deploying the Webcache with the Switch 4400 (3C17203, 3C17204). The Switch 4400 supports the SuperStack 3 Webcache 1000/3000. The Switch 4400 unit must have software version 2.02 or later installed.
Page 40
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT The Webcache does not have to be directly connected to the Switch 4924 or 4950 - there can be intervening Layer 2 Switches or Hubs. The Switch 4924 or 4950 can only support one Webcache for a single unit.
Transparent Cache Deployment Figure 7 Deploying the Webcache and Server Load Balancer Together The Webcache is directly connected to a SuperStack 3 Server Load Balancer via the LAN port to improve the scaling and performance of a group of web servers. The Server Load Balancer partitions network traffic between a group of Web servers offering services to client machines.
Page 42
Configure Webcache redirection on the WAN side interfaces of the Cisco router, rather than on the LAN side interfaces of the router. 3Com recommends that you use WCCP V2 rather than WCCP V1 if possible. You can find further information about the Web Cache Communication Protocol at: http://www.cisco.com/warp/public/732/wccp/index.html...
Transparent Cache Deployment WCCP Version 1 Figure 8 WCCP Version 1 Deployment WCCP V1 allows a single WCCP-enabled Cisco router to operate with multiple Webcaches in your network. You need to specify the IP address of the router in the Web interface of each Webcache. For further information, see “Configuring WCCP V1”...
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT WCCP V2 supports multiple WCCP-enabled Cisco routers operating with multiple Webcaches in a service group. Any of the available routers in the service group can redirect Web requests to any of the available Webcaches, improving performance and redundancy within your network.
Proxy Cache Deployment Figure 10 Deploying the Firewall and Webcache Together Advantages You do not have to configure the Web browser on each client machine that you want to access the Webcache because all Web requests are automatically redirected by the Firewall. Disadvantages You have to add a Firewall to your network if it is not already available.
Page 46
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT For further information, see “Configuring Proxy Cache Mode” page 115. Figure 11 Proxy Cache Deployment Advantages You do not have to add new devices to your network. The Webcache can be integrated into any network environment. You can use a PAC file to load balance Web requests from client machines between up to four Webcaches to achieve higher performance and resiliency.
Proxy Cache Deployment Webcache fails, Web requests will automatically be sent to the other available Webcaches. For further information, see Figure 12 page Proxy Cache Solutions You can deploy the Webcache using the following Proxy Cache solutions: Manual Configuration Proxy Auto Configuration (PAC) Files Web Proxy Auto-Discovery (WPAD) Third-party Tools Migrating from Proxy Cache to Transparent Cache Mode...
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT 8 Click OK. To manually configure Netscape Navigator 4.5 or 6: 1 Open Netscape Navigator. 2 From the Edit menu, click Preferences. 3 Click the Advanced category and click Proxies. 4 Select Manual Proxy Configuration. 5 Click View.
Proxy Cache Deployment Figure 12 Proxy Cache Deployment with PAC File Load Balancing Web Proxy The Webcache and Microsoft Internet Explorer 5 (and later versions) Auto-Discovery support the Web Proxy Auto-Discovery (WPAD) protocol. This protocol (WPAD) enables the Web browser on client machines to automatically find and load proxy configuration information (stored in a PAC file) without user intervention.
Page 50
WPAD server answering the domain name or reaches the third-level domain. For example, Web browsers on client machines in the domain would query a.b.3Com.com wpad.a.b.3Com wpad.b.3Com.com and then .
Page 51
Proxy Cache Deployment You need to add the WPAD functionality to your DHCP server using DHCP Manager. For further information, view the Microsoft Knowledge Base at: http://search.support.microsoft.com/kb/c.asp (correct at time of publishing) and search for the article ID number Q252898 Configuring Internet Explorer to Use WPAD To configure Internet Explorer to use WPAD: 1 Open Internet Explorer.
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT http://www.ietf.org/internet-drafts/draft-cooper-webi-wpad-0 0.txt (correct at time of publishing) Third-party Tools There are applications from many vendors that can help you to manage networks of client machines. Microsoft offers the Internet Explorer Administration Kit and Systems Management Server, which allow you to remotely configure Web browsers and Proxy Cache settings.
TCP port number that you configure for the parent Webcache to send its requests. Any compliant HTTP proxy cache can be used as a parent Webcache. The parent Webcache does not have to be a 3Com SuperStack 3 Webcache.
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT You can configure a child Webcache to forward requests to up to four parent Webcaches. If one of the parent Webcaches does not have the requested content or is unavailable, the child Webcache will automatically try the next specified parent Webcache.
Parent Caching Figure 14 Parent Caching 5 If the content is not in the parent Webcache, it is retrieved from either the origin server or another parent Webcache. The content is then cached by the parent Webcache and simultaneously served to the client machine and stored in the child Webcache.
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT Accidental Webcache Hierarchies An accidental Webcache hierarchy automatically exists in the networking example shown in Figure 15 if the parent Webcache is configured in either Transparent cache, Inline cache or WCCP mode. In each of these deployment modes Web requests are transparently intercepted by a device in your network and redirected to the Webcache.
Page 57
Consequently caching latency may go up as UDP messages are lost and unnecessary cache misses occur. 3Com recommends that you use Parent Caching in preference to ICP Caching unless you have an existing network of ICP Caches that you wish...
Page 58
1: W HAPTER ACHING ONCEPTS AND EPLOYMENT...
NSTALLING THE EBCACHE This chapter contains the information you need to install and set up the Webcache 1000/3000. It covers the following topics: Package Contents Webcache — Front View Detail Webcache — Rear View Detail Choosing a Suitable Site The Power-up Sequence Deploying the Webcache in Your Network Setting Up the Webcache for Management Connecting the Webcache to the Live Network...
2: I HAPTER NSTALLING THE EBCACHE Package Contents Webcache 1000 (3C16115) or Webcache 3000 (3C16116) CD-ROM Documentation User Guide (this guide) Release Notes Warranty Information Sheet Power Cord Rack-Mounting Kit containing: 2 x Rack Mounting Rails 2 x Rack Mounting Brackets 2 x Adjustable Brackets 2 x Front Plates 16 x Screws...
Webcache — Front View Detail Webcache — Front Figure 16 Webcache — Front View View Detail Activity LED Cache Storage Link Status Power/Self Status LED(s) LED(s) test LED Webcache 3000 Activity Activity Power/Self test green = ok green = 100 Mbps Cache Storage Status Link Status yellow = failed...
If the Webcache experiences an unrecoverable error during initialization the Power/Self Test LED flashes Green. Take a note of the color and status of each LED on the front before you contact 3Com technical support for assistance. Webcache — Rear Figure 17 Webcache —...
Webcache — Rear View Detail connect the unit to a traditional PBX or public telephone network. Only connect RJ-45 data connectors, Switches or Routers to these sockets. Either shielded or unshielded data cables with shielded or unshielded jacks can be connected to these data sockets. Power Socket The Webcache automatically adjusts its power setting to any supply voltage in the range 90-240 VAC.
2: I HAPTER NSTALLING THE EBCACHE If Auto-Negotiation is disabled, you can configure: Link Speed — You can set this to 100 Mbps or 10 Mbps. Duplex State — You can set this to Full Duplex or Half Duplex. You cannot enable or disable the WAN or LAN port itself. The port can safely be left disconnected if it is not being used.
The Webcache is accessible and cables can be connected easily. Water or moisture cannot enter the case of the Webcache. Air-flow is not restricted around the Webcache. 3Com recommends that you provide a minimum of 25 mm (1 in.) clearance.
Page 66
2: I HAPTER NSTALLING THE EBCACHE You must use the rack-mounting rails and screws supplied with the Webcache. Damage caused to the Webcache by using incorrect rails and screws invalidates your warranty. A Rack-Mounting Kit is supplied with the Webcache which contains the items shown in Figure 19.
Page 67
Rack-Mounting the Webcache To rack-mount your Webcache: 1 Place the Webcache the right way up on a hard flat surface, with the front facing towards you. The rack-mounting brackets are attached to each side of the Webcache, as shown in Figure Figure 20 Rack-Mounting Bracket Attached to the Webcache 2 Slide the rack-mounting rails off the rack-mounting brackets on both...
Page 68
2: I HAPTER NSTALLING THE EBCACHE Figure 21 Fitting a Rack-Mounting Rail to the Rear of the Rack 4 Attach the rack-mounting rail to the front of the rack. To do this: a Insert two screws through aligned openings in the front plate, rack and rack-mounting rail as shown in Figure b Tighten the screws with a suitable screwdriver.
The Power-up Sequence Figure 23 Attaching the Webcache to the Rack 7 Ensure that the ventilation holes in the Webcache are not obstructed. The Power-up The following sections describe how to get your Webcache powered-up Sequence and ready for operation. Powering-up the Use the following sequence of steps to power-up the Webcache: Webcache...
For further information about each deployment mode, see “Deployment Modes Overview” page CAUTION: 3Com recommends you set up the Webcache for management in a test network environment before you introduce it into your live network. For further information, see “Setting Up the Webcache for Management”...
Setting Up the Webcache for Management Setting Up the You can quickly set up the Webcache for management in two ways: Webcache for Setting Up Using the Web Interface — Connect a management Management workstation to the Webcache over an IP test network or directly via a cross-over cable.
Page 72
Netscape Communicator v4.5 Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 3Com recommends that you use a later version of Internet Explorer than version 5.0. ™ For the browser to operate the Web interface correctly JavaScript Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default.
Page 73
Setting Up the Webcache for Management Also the Web interface has been optimized for PC screens with the desktop area set to 800 by 600 pixels. 3Com recommends that you set the font size to Small Fonts. 2 In the Location/Address field of the browser, enter the URL of the Webcache.
2: I HAPTER NSTALLING THE EBCACHE Webcache to your live network. For further information, see “Getting Started Wizard Settings” page 309. Setting Up Using the You can setup the Webcache for management via the Command Line Command Line Interface by running a Telnet session on a management workstation that Interface is connected to the Webcache over your test network, or locally via a console port connection.
Page 75
Setting Up the Webcache for Management For further information, see “Webcache — Rear View Detail” page Figure 28 Setting Up Through the Console Port To connect to the Webcache via the console port: 1 You must connect a terminal or terminal emulator to the console port on the rear panel of the Webcache.
Webcache to your live network. In particular, ensure that the IP settings of the Webcache fit into those of your network. Choosing the Correct 3Com recommends that you use Category 5 cable to connect the LAN Cables port to your network — the maximum segment length for this type of...
Additional Web content can be stored on the Webcache, increasing the chances of a cache hit. You need to purchase a hard drive approved by 3Com and insert it into the mounting tray in the third bay of the Webcache. A list of approved hard drives can be found at: htpp://www.3com.com/sswebcache...
Page 79
ANAGING THE EBCACHE Chapter 3 Using the CLI Interface Chapter 4 Using the Web Interface Chapter 5 Securing Access to the Webcache Management Interfaces...
Page 81
CLI I SING THE NTERFACE This chapter contains information about managing the Webcache using the management software that resides on the Webcache. Managing the Webcache can help you to improve the efficiency of the Webcache and therefore the overall performance of your network. It allows you to make full use of the features offered by the Webcache, and to change and monitor the way it works.
3: U CLI I HAPTER SING THE NTERFACE Accessing the You can access the Command Line Interface using: Command Line A terminal or terminal emulator connected to the console port of the Interface Webcache directly, or through a modem. A terminal or terminal emulator connected to the Webcache over an IP network using Telnet.
“Logging in as a Default User” page To prevent unauthorized configuration of the Webcache, 3Com recommends that you change the default password as soon as possible. To do this using the Command Line Interface, you need to log in as the default user and then follow the steps described in “Changing the Admin...
3: U CLI I HAPTER SING THE NTERFACE If you have logged on correctly, the Top-level menu of the Command Line Interface is displayed as described in “Understanding the Command Line Interface” page 84. If you have not logged on correctly, the message is displayed and the login sequence starts again.
Page 85
Understanding the Command Line Interface From the Top-level menu, you can access these sub-menus: GettingStarted command This command allows you to specify basic configuration settings for the Webcache. Logout command This command allows you to logout of the Command Line Interface. PhysicalInterface Menu This menu contains commands that allow you to view and change the physical setup of the WAN and LAN ports on the Webcache.
3: U CLI I HAPTER SING THE NTERFACE To enter commands that require values: Append the values to the name of the command. For example, to display the security menu and change your password, enter: security password <password> If you do not specify values for a command that requires them, you are prompted to enter the values.
Page 87
SING THE NTERFACE This chapter contains information about managing the Webcache using the management software that resides on the Webcache. Managing the Webcache can help you to improve the efficiency of the Webcache and therefore the overall performance of your network. It allows you to make full use of the features offered by the Webcache, and to change and monitor the way it works.
“Command Line Interface” chapter on page 251. Even if you do not intend to actively manage the Webcache, 3Com recommends that you change the default password to prevent unauthorized access to your Webcache. See Chapter 5 for further information.
Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 If you use Internet Explorer, 3Com recommends that you use version 5.0 or later. For the browser to operate the Web interface correctly Javascript and Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default.
Page 90
4: U HAPTER SING THE NTERFACE Figure 30 User Name and Password Screen If the user name and password screen is not displayed, see “Solving Web Interface Problems” page 277. 4 Enter your user name and password. For further information, see “Logging in as a Default User”...
The Web interface is made up of four areas: The Banner This is always displayed at the top of the browser window. It displays the 3Com logo and SuperStack logo. The Toolbar This is always displayed at the top of the browser window, underneath the Banner.
4: U HAPTER SING THE NTERFACE The Toolbar The Toolbar is always displayed at the top of the browser window, underneath the Banner. It contains six buttons which allow you to select different views. Click on a toolbar item to see the corresponding view: Summary —...
Page 93
Weekly Caching Performance Graphs. See Chapter Help — This view allows you to access the Online Help system for the Webcache, additional information from the 3Com Web site and provides specification guidelines for running the Web interface. The following will be displayed (See “The Help View”...
4: U HAPTER SING THE NTERFACE The Navigation Tree The Navigation Tree is always displayed on the left side of the browser window. It is a Windows Explorer-like interface that contains various icons which allow you to manage your Webcache. Figure 32 The Summary View Navigation Tree By default, when you open the Web interface, the Summary View is selected and the Navigation Tree is fully collapsed with only the top-level...
Page 95
The Navigation Tree The following table shows the various Navigation Tree symbols and their associated behavior: Symbol Behavior Indicates that the next level of the Navigation Tree hierarchy is currently expanded. Click the symbol to collapse the next level. This only affects the Navigation Tree — no changes are made to the Information Area.
4: U HAPTER SING THE NTERFACE The Information The Information Area is always displayed on the right side of the browser Area window. It contains information about the managed Webcache. The information displayed depends on the view you select in the Toolbar: If the Summary View is currently selected, a table is displayed which shows summary information for the Webcache.
Page 97
The Information Area The device mimic is a virtual, interactive representation of the front and rear panels and the current status of the Webcache. All of the ports on the Webcache are shown. The device mimic is periodically updated to reflect changes in the Webcache.
Page 98
4: U HAPTER SING THE NTERFACE Click this to refresh the device mimic now. Mimic Help Click this for an explanation of the symbols and colors on the device mimic's ports and caching devices. The following table shows the various device mimic symbols and their associated behavior: Figure 35 Device Mimic Symbols Symbol...
“Automatic cache storage device has failed; for further information, see System Events” page 214 You should remove the failed cache storage device and return it to 3Com “Replacing a Failed Cache for replacement. For further information, see Storage Device” page 314...
The Content Filtering Summary table shows the Filtering Mode currently employed, the status of the filter licence, the status of the 3Com Filter download and the time of the last successful download. The features shown depends on the type of filtering system used. The Websense Enterprise Filtering Mode will show different information to that of Manual Filtering or 3Com Web Site Filtering.
Page 101
Click Disk Failure to open a 3Com Knowledge Base article which informs you how to return a failed Cache Storage Device to 3Com. Click Home Page to display the Home page of the 3Com Web site in a new browser window.
Page 103
ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES This chapter contains information about ensuring that the Webcache is secure. It covers the following topics: Passwords Management Interface Setup Password Recovery...
“Logging in as a Default User” page CAUTION: To prevent unauthorized access and configuration of the Webcache, 3Com recommends that you set a password for the admin username as soon as possible. Setting Passwords To set the password using the Web interface, you need to login as the admin user, click Device on the toolbar and select Security >...
Management Interface Setup Management There are two methods of restricting the visibility of the Webcache’s Web Interface Setup Interface. Both methods are configured from the Setup Management screen. To access the Setup Management screen: 1 Log in to the Web interface. 2 Click Device on the Toolbar.
Page 106
5: S HAPTER ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES You can restrict management of the Webcache by entering IP addresses that are allowed access at the Access restricted to the following IP Addresses: prompt. Enter a comma-separated list of IP addresses, an IP range or a combination of both.
Webcache and reinserting it. 3Com recommends that you access the CLI in this instance by connecting a standard null-modem cable to the console port on the Webcache. Remove the power cord and then reinsert it to reboot the Webcache before the password recovery mode resets.
Page 108
5: S HAPTER ECURING CCESS TO THE EBCACHE ANAGEMENT NTERFACES 4 Enter to leave password recovery enabled, or enter enable disable turn it off. You are now logged in as the default admin user.
Page 109
ONFIGURING THE EBCACHE Chapter 6 Configuring Deployment Modes Chapter 7 Static Routes Chapter 8 System Time...
Page 111
ONFIGURING EPLOYMENT ODES This chapter contains information about how to configure the various deployment modes of the Webcache: Configuring Transparent Cache Mode Configuring WCCP V1 Configuring WCCP V2 Configuring Proxy Relay with the SuperStack 3 Firewall Configuring Proxy Cache Mode Creating a Proxy Auto-configuration File Configuring Inline Cache Mode Configuring Parent Caching...
6: C HAPTER ONFIGURING EPLOYMENT ODES Configuring To configure Transparent Cache mode using the Web interface: Transparent Cache Mode 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Set Caching Mode. The Set the Webcache Deployment Mode screen is displayed.
Configuring WCCP V2 If the Webcache is deployed in WCCP mode, you must use port 8081 to access the Webcache’s Web interface e.g. http://192.168.1.253:8081. If you use port 80, you may experience problems accessing the Web interface. For further information, see “WCCP Version 1”...
Page 114
6: C HAPTER ONFIGURING EPLOYMENT ODES 11 Enter the authentication password used by the routers in the Password field. Enter it again in the Confirm field. The password must be 8 characters or less and is case-sensitive. Click Next. 12 The Finish screen is displayed. Carefully read the summary information, which displays the WCCP version, Router IP Addresses or Multicast Address and whether WCCP Password Authentication is enabled or disabled.
Enable Web Site Blocking on the Webcache in preference to the Firewall, as the Webcache has more advanced filtering abilities and is able to use the 3Com Web Site Filter (3C16118) if installed. 2 Install the Firewall according to the SuperStack 3 Firewall User Guide (DUA1611-0AAA0x) taking into account any safety information.
6: C HAPTER ONFIGURING EPLOYMENT ODES Select the protocols that the Web browsers on client machines should direct to the Webcache Bypass the Webcache for plain host names Distribute Web requests from client machines between up to four Webcaches to achieve higher performance and resiliency For further information, see “Proxy Auto Configuration (PAC) Files”...
Creating a Proxy Auto-configuration File If you wish to use the PAC file on a network server, click Save. The File Download screen is displayed. Select Save this file to disk and enter a filename and location to save the file to. Configuring the You must next set the Web browser to read the PAC file for its settings.
6: C HAPTER ONFIGURING EPLOYMENT ODES Configuring Inline To configure Inline Cache mode using the Web interface: Cache Mode 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Set Caching Mode. The Set the Webcache Deployment Mode screen is displayed.
Configuring Parent Caching Configuring Parent To enable and configure Parent Caching using the Web interface: Caching 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Parent Caches > Setup Parent Caches in the Navigation Tree. 4 Check Enable Parent Proxy Caches.
Page 120
6: C HAPTER ONFIGURING EPLOYMENT ODES 3 Select Parent Caches > Edit Exclude List in the Navigation Tree. 4 In the Enter the Domain Name, IP Address or IP Address Range field, enter the domain name, IP address or IP address range to add to the list and click Add.
Configuring Parent Caching You should choose to merge with the current list if you have a partial list of entries in an external file that you want to add to the list on the Webcache. 6 Select Load to load the new list. Loading a list may take a few seconds to complete, depending on the number of entries being loaded.
6: C HAPTER ONFIGURING EPLOYMENT ODES Saving a list may take a few seconds to complete, depending on the number of entries being loaded. Clearing the Parent You can use the Clear Exclude List screen to delete all the current entries Cache Exclusion List in the Parent Cache Exclusion List.
6: C HAPTER ONFIGURING EPLOYMENT ODES The standard ICP port number is 3130 and should not be changed unless the Webcache is being used in conjunction with other devices that require a different port number. 7 Set ICP Query Timeout (seconds) to the length of time you want to Webcache to wait for a response.
Configuring ICP Caching Deleting ICP Peers To delete ICP peers: 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select ICP Control > Edit ICP Peers in the Navigation Tree. 4 Select the peer that you want to delete form the table at the bottom of the window.
Page 127
TATIC OUTES This chapter contains information about the concepts of static routing and how to configure static routes on the Webcache. It covers the following topics: What are Static Routes? Static Routes Example Advantages of Static Routes Configuring Static Routes...
7: S HAPTER TATIC OUTES What are Static Routes to remote networks are typically obtained dynamically through Routes? routing protocols. However, you can also choose to provide routes manually. These routes are referred to as Static Routes. A static route is associated with an interface that represents the remote network.
Configuring Static Routes The solution in this scenario is to enter a static route on the Webcache to use a LAN-side router for all requests destined for the LAN-side server. When the Webcache processes the cache miss, instead of passing the packet to the default router, it sends it to the LAN-side router which has direct connectivity to the LAN-side server.
Page 130
7: S HAPTER TATIC OUTES 5 Enter the subnet mask of the network that you are creating a static route for in the Subnet Mask field. 6 Enter the IP address of the router for the static route in the Gateway field. 7 Select the Add button to create the static route.
Page 131
YSTEM This chapter explains how to configure the system time of the Webcache. It contains the following topics: Configuring the System Time Network Time Protocol Configuring the System Time Using the Network Time Protocol Configuring the System Time Manually System Time and Performance Graphs...
Configuring the System Time Manually — for further information, see page 134. 3Com recommends that you use the Network Time Protocol to configure the system time of the Webcache. Network Time The Network Time Protocol (NTP) is used to synchronize the time of client...
Page 133
(correct at time of publishing) 3Com recommends that if your network has an internal NTP server, you should use this rather than a public stratum server. If not, you should use the lowest stratum public NTP server available to you.
8: S HAPTER YSTEM Configuring the To configure the system time of the Webcache using the Network Time System Time Using Protocol, you must enter the following information in the Getting Started the Network Time wizard or Time Configuration command in the Web interface: Protocol 1 Select a timezone from the options in the Timezone drop-down list.
System Time and Performance Graphs System Time and When the system time of the Webcache is set manually, all of the current Performance Performance Graphs are reset and all previous graph history is lost. You Graphs should therefore only change the system time when it is absolutely necessary.
Page 137
ONTROLLING AND ONITORING CCESS Chapter 9 Monitoring Web Access Chapter 10 Using Content Filtering...
Page 139
ONITORING CCESS This chapter contains information about controlling and monitoring the access of the users of your network through the Webcache to the Internet. It covers the following topics: Access Logging Filter Logging Storing the Log Files Viewing the Access Log Analyzing the Access Log Viewing the Filter Log...
9: M HAPTER ONITORING CCESS Access Logging Access Logging allows you to track which client machines have accessed which Web sites through the Webcache. You can configure the Webcache to log all Web accesses. Access Logging and the Squid access log format are enabled by default but if you want to change the log format do the following: 1 Log in to the Web interface.
Page 141
Storing the Log Files request filtered, by combining the FTP logs. By default, the saved access logs are based on the standard Squid access log format and can be analyzed using off-the-shelf log analysis tools. When the logs are offloaded both the Access Log and the Filter Log will be saved.
3Com recommends that you select the Webtrends Extended Log Format (WELF) option and use Webtrends Log Analyzer or WebTrends Firewall Suite to analyze the access logs that the Webcache produces: http://www.webtrends.com...
Viewing the Filter Log Calamaris is a free open source tool available from the following URL: http://calamaris.cord.de (correct at time of publication) All three Netscape format log files can be analyzed by Netscape’s program Flexanlg, which is distributed with Netscape Web and Proxy Servers beginning with version 2.0.
Page 145
ILTERING This chapter explains how to use the Webcache to control and monitor access to the Internet from your network. It covers the following topics: Introducing Content Filtering 3Com Web Site Filter Websense Enterprise Filtering Manual Content Filtering Default Rule...
Improved network performance. The list of sites used to allow or deny access can be automatically loaded using the 3Com SuperStack Web Site Filter and entered by hand using the Allow and Deny lists of the Webcache. Alternatively control for filtering Web sites can be passed to an external server which incorporates a Websense Enterprise filter.
When you configure your Webcache to use Manual Filtering or the 3Com Web Site Filtering service, the Websense Enterprise filtering commands on the Webcache are disabled.
Page 148
Default Rule. 6 3Com Web Site Filter — The Webcache compares the Web site against all the sites in the categories that are in the currently active Filter Policy. See below for setup and configuration information and “Setting Up...
To extend the use of the 3Com Web Site Filter you need to purchase Web Site Filter licenses from your 3Com reseller. 3Com will send you an email when your Web Site Filter license is about to expire. If your Web Site Filter license does expire, the 3Com Web Site Filter will continue to operate using the most recently downloaded list for 30 days.
You can also set up the Webcache to automatically download the latest Web Site Filter from the 3Com Web Site at a specified time. To download the Web Site Filter: 1 Log in to the Web interface.
10 Click Next. 11 Select the default rule to be applied to all web requests if the 3Com Web Site Filter service is not available or has expired. Choose Deny All to deny access to all Web sites or Allow All to allow access to all Web sites.
1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Category Sets in the Navigation Tree. 4 To add a Category Set, enter the name in the Category Set Name field, then select Add.
Page 153
1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Policy Schedule in the Navigation Tree. 4 Click Add, to add a policy to the Policy Schedule.
1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > 3Com Web Site Filter > Test a URL in the Navigation Tree. 4 Enter the URL that you want to test.
Webcache receives. Websense Enterprise then decides whether to allow or deny the request. When you configure your Webcache to use Websense Enterprise filtering, the Manual Filtering and the 3Com Web Site Filtering commands on the Webcache will be disabled. When a client computer attempts to access a Web site, the Webcache applies the following rules in the order listed: 1 Web Client Blocking —...
Page 156
10: U HAPTER SING ONTENT ILTERING select the Universal option. For further information, see the instructions that accompany the Websense Enterprise software. Setting Up Websense Having acquired and installed the Websense Enterprise filtering software Enterprise Filtering on your server, you can now set up your Webcache for Websense on your Webcache filtering.
Page 157
Web sites to which you want to either allow or deny access. When you configure your Webcache to use Manual Filtering or the 3Com Web Site Filtering service, the Websense Enterprise filtering commands on the Webcache are disabled.
10: U HAPTER SING ONTENT ILTERING It is important to use caution when adding keywords to the list as you may filter sites other than you intend. For example, blocking the word breast may filter sites on breast cancer as well as objectionable or pornographic sites.
Default Rule The Default Rule is the last filter used if Manual Filtering has been selected and the rule that is applied if the 3Com Web Site Filter has expired or if the Websense Enterprise server fails to respond. The Default Rule can take one of two values: Allow All —...
The Webcache will only log and block in the 3Com Web Filter and Manual modes. If you are using Websense Enterprise filtering refer to the documentation supplied with Websense Enterprise for an equivalent function.
Web Client Blocking 7 Click Next and then Finish to close the Setup Filtering Wizard. Storing the Filter Log You can specify an FTP server to which you want to periodically save the log files. If this option is enabled, the logs are offloaded to the FTP server whenever any log reaches 250 MB in size, or every 24 hours, whichever comes first.
10: U HAPTER SING ONTENT ILTERING Using a browser on a client machine whose IP address is not blocked by Web Client Blocking to access the Web Interface. All client machines that you specify in the Cache Bypass screen will not be prevented by the Webcache from accessing the Web.
Web Client Blocking Allow all except — to allow all clients to access the Web except for those you specifically block. 6 Click OK. Creating a Web Client You can create a list of the IP addresses or IP address ranges of the client Blocking List machines for which you want to change the default Web Client Blocking behavior:...
Page 164
10: U HAPTER SING ONTENT ILTERING 5 If you want to remove an entry from the list, click on an entry in the list and click Remove. To delete all entries at once, click Remove All. Example If you select Deny all except when you set up Web Client Blocking (see “Setting Up Web Client Blocking”...
Web Client Blocking 6 Select Load to load the new list. Loading a list may take a few seconds to complete, depending on the number of entries being loaded. List Rules There are certain rules that you must follow when loading a list of Web clients into the Web Client Blocking List.
Filter Exclusions allow you to specify and exclude particular client machines from any content filtering. The Exclusion List can be enabled when you set up the Webcache for Manual Content Filtering or 3Com Web Site Filtering. One use of the Filter Exclusion List is to exclude machines used by network administrators who must be exempt from content filtering.
Page 167
Filter Exclusions To add a client to the Filter Exclusion List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > Filter Exclusion > Edit List in the Navigation Tree. 4 Enter the IP address or IP address range of the clients who you want to add to the Filter Exclusion List and click Add.
Page 168
10: U HAPTER SING ONTENT ILTERING You should choose to replace the current list if you have a complete list of entries in an external file that you want to use to overwrite the list on the Webcache. You should choose to merge with the current list if you have a partial list of entries in an external file that you want to add to the list on the Webcache.
Allow Lists and ranges of Web sites that you want to either allow or deny access to when Deny Lists you select the Manual Content Filtering or 3Com Web Site Filtering modes. To set up Allow/Deny lists using the Web interface: 1 Log in to the Web interface.
Page 170
10: U HAPTER SING ONTENT ILTERING Manually Entering a Web Site into the Allow List To manually enter a Web site into the Allow List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering > Allow/Deny Lists > Edit Allow List in the Navigation Tree.
Page 171
Setting Up Allow Lists and Deny Lists Manually Entering a Web Site into the Deny List To manually enter a Web site in the Deny List: 1 Log in to the Web interface. 2 Click Content Filter on the Toolbar. 3 Select Webcache Filtering >...
Page 172
10: U HAPTER SING ONTENT ILTERING Loading Entries From A text file containing a list of domain names, IP addresses or IP address a File into the Allow ranges, can be loaded into the Allow List or Deny List. To do this: List or Deny List 1 Log in to the Web interface.
Setting Up Allow Lists and Deny Lists Each line in the file must not exceed 75 characters in length. Blank lines are ignored. There must be no spaces at the beginning of a line. The list can contain a maximum of 900 entries. If loading the file results in more than 900 entries, all subsequent entries after the limit has been reached will not be loaded into the list.
Keyword blocking allows the Webcache to prevent access to URLs containing particular words. Keyword Blocking can be enabled when you set up the Webcache for Manual Content Filtering or 3Com Web Site Filtering. You may specify a list of up to 900 URL keywords to the Webcache.
Page 175
Keyword Blocking 5 If you want to remove an entry from the list, click on an entry and click Remove. To delete all entries at once, click Remove All. Loading Entries From A text file containing a list of keywords can be loaded into the Keyword a File into the Blocking List.
10: U HAPTER SING ONTENT ILTERING There must be no spaces at the beginning of a line. The List can contain a maximum of 900 entries. If loading the file results in more than 900 entries, all subsequent entries after the limit has been reached will not be loaded.
Page 177
Customizing the Content Filter Response Screen If the client machine is blocked by Web Client Blocking, the Customize Response screen will not appear. To customize the response using the Web interface: 1 Click Content Filter on the Toolbar. 2 Select Webcache Filtering > Custom Response in the Navigation Tree. 3 Enter up to 512 characters of text or HTML code in the Add This Text field that you want to add to the response screen that informs the end user that access has been denied.
11: C HAPTER ONTROLLING ITES ACHED Cache Control Cache Control allows you to control the caching behavior of the Webcache for specific Web sites. Cache control works in any deployment mode and has two functions: Cache Control can be used to reduce traffic across your WAN network and improve response time to your clients by pinning content for a period of time between an hour and a week.
Page 183
Cache Control Manually entering each Web site in the Edit List screen. Loading an existing list of Web sites from an external text file in the Load List From File screen. A combination of the above methods. Manually Entering a Web Site Into the Cache Control List To manually enter a Web site in the Cache Control List: 1 Log in to the Web interface.
Page 184
11: C HAPTER ONTROLLING ITES ACHED Alternatively, if you want the Webcache to cache and use the material from the site for a week, select Pin for one week instead of Never Cache. You must follow all of the rules listed in the “Domain Name System Syntax”...
900 entries in the Cache Control List, all subsequent entries after the limit has been reached will not be loaded into the List. Valid examples are: www.3com.com 0 www.domain1.com 2 www.domain2.com 24 215.115.0.0 48 216.115.0.0-216.115.255.255 168...
11: C HAPTER ONTROLLING ITES ACHED To clear the Cache Control List: 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Cache Control > Clear List in the Navigation Tree. 4 Click OK to clear the Cache Control List. The clear list process may take a few seconds to complete, depending on the number of entries in the list.
Page 187
Call Logging information. If this happens, add the IP address of your NBX system to the Client Bypass list. 3Com maintains a list of IP addresses of Websites that do not work correctly with Transparent Webcaches. Please check 3Com's Knowledgebase for the current list.
11: C HAPTER ONTROLLING ITES ACHED You can create a list of Web site IP addresses or address ranges. All requests from client machines to those domains will bypass the Webcache and go straight to the origin server. You can only use Cache Bypass lists when the Webcache is deployed in Transparent Cache mode.
Page 189
Cache Bypass or Web sites that you want to add to the list and click Add. Repeat this for each IP address that you want to bypass. Example You can enter to bypass that IP address 216.115.0.0-216.115.255.255 range, or enter to bypass that IP address.
11: C HAPTER ONTROLLING ITES ACHED The load list process may take a few seconds to complete, depending on the number of entries in the file. Load List Rules There are certain rules that you must follow when loading a list of Web sites into the Client Bypass and Web Site Bypass Lists.
Cache Bypass Clearing the Cache You can use the Clear List screen to delete all the current entries in the Bypass Lists Cache Bypass List(s). To clear the Cache Bypass List(s): 1 Log in to the Web interface. 2 Click Caching on the Toolbar. 3 Select Cache Bypass >...
Page 193
This chapter contains information about preloading Web sites into your Webcache before they are requested by clients browsing the Web. It is split into the following sections: Introduction Setting up Content Preload Preloading a Site Checking the Status of Scheduled Tasks Using the 3Com Web Scheduler Browser Client...
12: P HAPTER RELOADING ONTENT Introduction The Preload Content Feature enables the administrator and other authorized users to preload required sites onto the Webcache before they are requested. These preloads can be done manually or run on a schedule outside working hours and enable you to store content in the Webcache that you know will be required by a client’s Web browser.
Page 195
Status of Scheduled Tasks” page 199. Using the 3Com Web Scheduler Browser Client — The Webcache is shipped with a Browser plug-in for Microsoft Internet Explorer that allows designated users to schedule Content Preload tasks. See “Using the 3Com Web Scheduler Browser Client”...
Web Scheduler Browser Client allows users who do not have the administration password to set up Preload Tasks using Internet Explorer. If you do not check this box the 3Com Web Scheduler Browser Client will not be able to access or create preload tasks on the Webcache. See “Using the 3Com Web Scheduler Browser Client”...
6 Enter or amend the Starting URL for the task. This is often the base URL for a site e.g. but can be any URL that you can http://www.3com.com enter from a Web browser. 7 Select Recursion Level from the drop-down box. The Recursion Level determines how deep the Webcache is to scan when looking for pages to preload.
12: P HAPTER RELOADING ONTENT 10 Select the frequency of the preload task from Every Hour, Every Day, Every Week or Once. 11 Select the start time from the at: drop-down box. The preload task will start at the specified time of day but will not have a guaranteed finish time since it is conditional on the Web site and the performance of the Internet.
Checking the Status of Scheduled Tasks 4 Select a Preload Task from the list. 5 Click Preload Now. The preload will start regardless of the scheduled time. 6 Click OK to return to the Web interface. You can only force one preload task at a time. If you try to force a preload task whilst another is running, you will be given the option to abort the current task.
12: P HAPTER RELOADING ONTENT Last Complete Status — Shows if the preload task failed. A preload task has failed if no Web objects were retrieved. If the task retrieved any objects the word OK is displayed. Last Complete Time — Displays the time at which the task last completed.
7 Click Finish on the Preload Task Status screen to return to the Web interface. Using the 3Com The 3Com Web Scheduler Browser Client is a browser plug-in that allows Web Scheduler designated users to create, view, amend preload tasks without accessing Browser Client the Web interface of the Webcache.
Page 202
HAPTER RELOADING ONTENT 4 Ensure that the Enable 3Com Web Scheduler Browser Client box is checked. 5 Click the Change Password button, choose a password for the 3Com Web Scheduler Browser Client, and enter it in the Password box. You must supply this password to users of the 3Com Web Scheduler Browser Client to allow them to use this feature.
Page 203
4 In the Connection tab of the window enter the IP address of the Webcache and the Preload Account Password (as set up in “Configuring the Webcache for the 3Com Web Scheduler Browser Client” page 201). 5 In the File Location tab of the window enter the location where the user is to store their preload tasks ready for transfer to the Webcache.
Page 205
ONITORING EBCACHE Chapter 13 Monitoring System Events Chapter 14 Performance Monitoring Chapter 15 System Diagnostics...
Page 207
ONITORING YSTEM VENTS This chapter contains information about the system events that can occur on the Webcache 1000/3000. It covers the following topics: System Events Email Notification SNMP Traps Automatic System Events...
The emails are generated internally within the Webcache in a fixed format that is also used by 3Com Network Supervisor. The emails can be sent to as many accounts as you like.
Page 209
Email Notification 3Com recommends that you use the domain name of the Webcache as the email address. If you have entered “webcache” as the host name and “mycompany.com” as the DNS domain name of the Webcache, then you would enter “webcache@mycompany.com” as the email address.
13: M HAPTER ONITORING YSTEM VENTS A preload task has failed. Content Filtering Events This includes the following events: The content filter license has expired. The Websense Enterprise server is unreachable. In addition to the above, the Webcache automatically generates the email notifications shown in “Automatic System Events”...
Page 211
Email Notification CRAM-MD5. Both Windows Exchange and Unix servers support Plain authentication. Disabling SMTP Authentication If you disable SMTP Authentication by leaving Enable SMTP Authentication blank and not specifying an SMTP Username and SMTP Password, the SMTP server will attempt to authenticate email in the following way: If the SMTP server reports that it cannot accept unauthenticated email, the email will fail.
13: M HAPTER ONITORING YSTEM VENTS SNMP Traps You can configure the Webcache to automatically generate Simple Network Management Protocol (SNMP) traps when certain significant system events occur. An SNMP trap is a message generated by the Webcache in response to a particular event. It is sent to a specified network management station in your network which receives and filters it.
Page 213
Private community string will gain read and write access to the Webcache to change its status or configuration. 3Com recommends that you change the default community strings to prevent unwanted users from gaining access to the Webcache.
This is a and is attempting to reboot major failure. Contact 3Com itself. Technical support. System Error (too many The 3Com Webcache is in The 3Com Webcache is in The Webcache has failed reboots) System Error. Reboot System Error. Reboot...
Page 215
You can continue to use the Webcache. Caching Disk Failed Cache Storage device 'The 3Com Webcache has a A cache storage device <0,1,2> has failed in the disk failure for disk number: within the Webcache has 3Com WebCache. Please <0,1,2>.
Page 216
Click here to run the displayed. Software Upgrade wizard: http://nnn.nnn.nnn.nnn Software Upgrade 3Com Webcache unable to 3Com Webcache unable to The Webcache has failed to Download Failed retrieve information from retrieve information from download the new software upgrade detection server upgrade server.
Page 217
Automatic System Events System Event Email Message SNMP Trap Message Description Content Filter License The content filtering license The content filtering license The licence is about to Warning for the Webcache has for the Webcache has expire. Renew within the expired.
Page 219
ERFORMANCE ONITORING This chapter contains information about monitoring the performance of the Webcache 1000/3000. It covers the following topics: Performance Monitoring Viewing Performance Graphs Viewing Caching Performance Graphs Viewing System Performance Graphs Viewing I/O Performance Graphs Emailing Performance Graphs...
The System Performance and I/O Performance graphs show more detailed information which is intended for use by your System Administrator and 3Com support personnel. Performance monitoring is always enabled; you cannot turn it off. You can also set up automatic emailing of the performance graphs to specified email accounts, enabling you to easily demonstrate the benefits of the Webcache to other people within your organization.
Page 221
Viewing Performance Graphs calculated as the ratio of bytes served by the Webcache to total requested bytes. A high graph rating is desirable because it indicates that the Webcache has reduced WAN bandwidth use. A low graph rating indicates the opposite. Hit Rate The hit rate reveals how effective the Webcache is at dealing with HTTP requests sent by clients.
Page 222
14: P HAPTER ERFORMANCE ONITORING Webcache’s peak capacity — will normally improve the caching behavior. However, a very low or zero request rate might indicate that the Webcache is not receiving the requests correctly and furthermore suggests that there is a problem with the setup and the deployment mode.
Connections timing out due to excessive traffic. Filtering Block Rate The percentage of requests from users that were blocked or logged by 3Com Web Site Filtering and Manual Filtering. If Websense Enterprise filtering is enabled, the Filtering Block Rate will always show zero.
14: P HAPTER ERFORMANCE ONITORING The Webcache has its own internal cache of DNS entries. The DNS Hit Rate shows how effective this cache is being in avoiding DNS lookups to the DNS server. Viewing System To view the System Performance graphs select System from the Performance Graphs navigation tree.
“webcache@3com.com”. The partial address “webcache” would be rejected by the server. 3Com recommends that you use the domain name of the Webcache as the email address. If you have entered “webcache” as the host name and “mycompany.com” as the DNS domain name of the Webcache, then you would enter “webcache@mycompany.com”...
Page 226
14: P HAPTER ERFORMANCE ONITORING 12 In the Realm/Domain Name field, you can enter the Unix realm or Windows domain that the SMTP user belongs to, or leave the field blank. For further information about how SMTP Authentication operates on the Webcache, see “SMTP Authentication”...
Page 227
YSTEM IAGNOSTICS This chapter contains information about troubleshooting the configuration and network connectivity of the Webcache 1000/3000. It covers the following topics: System Diagnostics Pinging Other Devices Tracing IP Addresses System Log...
15: S HAPTER YSTEM IAGNOSTICS System Diagnostics You can use the various system diagnostic capabilities of the Webcache to help you identify any problems that may occur. Ping — Ping other devices on the network. Trace Route — Trace the network hops to a device on your network. System Log —...
Tracing IP Addresses You can interrupt a PING request at any time by clicking Stop. Some network environments block PING traffic on the network. The PING request may therefore fail even if the network device is operating normally. Tracing IP The Trace Route feature allows you to display the network hops from the Addresses Webcache to a device on an IP network.
4 You can choose to save the contents of the System Log onto a single management station in your network that has syslog analysis tools. This is of particular benefit if you are working with 3Com support personnel. Enter the IP address of the syslog server in the Enter Syslog Server IP Address field to enable this feature.
Page 231
System Log should only enable it if you have been instructed to do so by 3Com support personnel. What is a Syslog Syslog is a standard protocol for reporting system events that occur on Server? the Webcache and most other modern network devices. A syslog server allows you to capture these system events, store them and display them in a variety of formats.
Click Refresh to update the information that is displayed. The System Log is primarily intended to be used by your System Administrator and 3Com support personnel to troubleshoot the Webcache.
Page 235
ONFIGURATION ANAGEMENT This chapter contains information about saving and restoring the configuration settings of the Webcache 1000/3000. It covers the following topics: Saving and Restoring Configurations Saving a Configuration Restoring a Configuration...
To do this, you need to install the software image of the previous software version. This is available either on the CD supplied with the Webcache or on the 3Com FTP site. You need to perform a software installation to return the Webcache to a previous working software version.
Saving a Configuration If you had not previously saved a system configuration file for the older software version, you would still be able to install a previous software image, but you would have to re-enter all of the configuration settings. CAUTION: You cannot restore a system configuration which was created on a different software version to the version that the Webcache is currently running.
The Webcache will automatically prompt you to save the current system configuration of the Webcache before you perform a software upgrade or a software installation. 3Com recommends that you always save the current system configuration of the Webcache before you make any significant changes to the configuration of the Webcache.
Page 239
OFTWARE PGRADES This chapter contains information about upgrading and installing the management software of the Webcache 1000/3000. It covers the following topics: Software Upgrades Software Downgrades Detecting a Software Upgrade Performing a Software Upgrade...
The configuration of the Webcache is preserved after a software upgrade has been performed; you do not have to re-configure the settings. 3Com recommends that you configure the Webcache to automatically detect new software versions. Software Upgrade...
Webcache checks for a new software version every 24 hours after it was last rebooted, at the same time each day. You should leave the Upgrade Detection Settings screen at its factory default settings, unless you are instructed to change them by 3Com support personnel.
Page 242
If you want to disable automatic detection, and instead perform software upgrades from a file on a local server, ensure that Enable Automatic Software Upgrade Detection is unchecked. 4 The default FTP site settings are displayed: FTP Server Address: ftp.3com.com FTP Server Directory: pub/webcache Username: anonymous Password: Webcache@hostname.domainname...
You may want to change the FTP site in order to download a software upgrade from a location other than the default 3Com FTP site. You can restore the FTP site to the factory defaults by clicking Restore Defaults.
Page 244
The Save Configuration operation saves the Webcache’s current system configuration as a file in another location on your network. 3Com recommends that you save your system configuration settings before you perform a software upgrade. Saving the configuration settings ensures that you can recover your entire system configuration if you need to re-install an older software version.
Page 245
License to read the 3Com End User Software License agreement. You cannot accept or decline the agreement until you have read it. 9 The 3Com End User Software License is displayed. Carefully read it and click Print if you want to print it out. Click Done to continue.
Page 246
License to view the 3Com End User Software License agreement. You cannot accept or decline the agreement until you have viewed it. 8 The 3Com End User Software License is displayed. Carefully read it and click Print if you want to print it out. Click Done to continue.
Page 247
Performing a Software Upgrade 12 The software upgrade may take several minutes to complete. The Software Upgrade Successful screen is displayed when the software upgrade has been successful. 13 Click Reboot to exit the Upgrade Software wizard and reboot the Webcache.
Page 249
VIII OMMAND NTERFACE Chapter 18 Command Line Interface...
Page 251
OMMAND NTERFACE The Webcache 1000/3000 has a Command Line Interface that allows you to manage certain features from a terminal. You may want to use the Command Line Interface to setup the Webcache for management through the console port or over your network via Telnet. This chapter describes how to access and use the Command Line Interface.
18: C HAPTER OMMAND NTERFACE A Quick Guide to Table 10 describes the commands that are available in the Command Line the Commands Interface. Table 10 Command Line Interface commands Command What does it do? Specifies basic setup information for the Webcache. gettingStarted Exits the current user from the Command Line Interface.
Getting Started Getting Started The Getting Started command allows you to quickly configure or view basic setup information for the Webcache. To configure basic setup information: 1 At the Top-level menu, enter: gettingStarted The following prompt is displayed: Enter system name: 2 Enter a system name for the Webcache.
Page 254
18: C HAPTER OMMAND NTERFACE 9 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 10 Enter a valid search domain name. The following prompt is displayed: Enter Second Search Domain 11 Enter a valid search domain name. The following prompt is displayed: Enter First DNS Server [0.0.0.0]: 12 Enter a valid Domain Network System (DNS) Server IP address.
Page 255
Getting Started If you enter primary and secondary NTP server addresses and both are available, the Webcache automatically uses the most reliable one. If you entered , the following prompt is displayed: manual Enter date [dd/mm/yy]: Enter a valid date. The following prompt is displayed: Enter time: [hour:min:sec] Enter a valid time.
18: C HAPTER OMMAND NTERFACE The following prompt is displayed: Enter the mode of operation (proxy, transparent, inline) [transparent]: 21 Enter either proxy transparent inline For further information, see “Deploying the Webcache in Your Network” page If you entered , the following prompt is displayed: proxy Enter the port number [8080]: 22 Enter the port number on which the Webcache will listen for traffic.
Displaying and Changing WAN and LAN Port Information To configure the WAN and LAN port settings: 1 At the Top-level menu, enter: physicalInterface portMode The following prompt is displayed: Warning: Changing the port configuration may cause loss of any existing network connections to the Webcache. Do you wish to continue (yes/no) [no]: 2 Enter if you wish to proceed, or...
18: C HAPTER OMMAND NTERFACE An example of the summary information is shown below: Port Mode Current Speed Current Duplex Autonegotiate 100M Full duplex Autonegotiate No link No link Displaying and You can display and change the Protocol information for the Webcache Changing Protocol using the commands on the IP menu.
Displaying and Changing Protocol Information 4 Enter a valid gateway IP address. The following prompt is displayed: Enter Host name: 5 Enter a valid host name. The following prompt is displayed: Enter Domain name 6 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 7 Enter a valid search domain name.
18: C HAPTER OMMAND NTERFACE 2 Enter a valid host name. The following prompt is displayed: Enter Domain name 3 Enter a valid domain name. The following prompt is displayed: Enter First Search Domain 4 Enter a valid domain name. The following prompt is displayed: Enter Second Search Domain 5 Enter a valid domain name.
Page 261
Displaying and Changing Protocol Information The following prompt is displayed: This will reset the IP and DNS configurations to factory default settings: 192.168.1.253 Default IP address 255.255.255.0 Default Subnet mask 0.0.0.0 Default gateway none Default DNS hostname Default DNS domain name: 0.0.0.0 Default First DNS server 0.0.0.0...
18: C HAPTER OMMAND NTERFACE Pinging Other The PING feature allows you to send out PING requests to test whether Devices devices on an IP network are accessible and functioning correctly. This feature is useful to diagnose connectivity problems such as a failed network device between the Webcache and the web server being accessed, or to help diagnose DNS setup problems.
Displaying and Changing Protocol Information Displaying IP You can display IP summary information for the Webcache using the Summary command on the Protocol menu. summary Information To display the IP information, at the Top-level menu, enter: protocol summary The IP information for the Webcache is displayed. An example of the IP information is shown below: IP address: 196.168.100.1 Subnet mask: 255.255.255.0...
18: C HAPTER OMMAND NTERFACE 2.BW-RTR-4.EUR.3Com.COM (161.71.21.45) 26.027ms, 27.156ms, 44.902ms 3.BW-RTR-1.EUR.3Com.COM (140.204.220.15) 24.323ms, 24.854ms, 30.096ms 4.janeway (161.71.123.36) 27.303ms, 33.639ms If the device is not accessible, or is not functioning correctly, a message similar to the following is displayed: No answer from 191.128.40.121...
Page 265
Displaying and Changing Security Information The following message is displayed: By default, the web interface is available on port 80 and port 8081. You can disable the web interface on port 80. Web interface is available on TCP Port 80 (yes/no) [yes]: 2 Enter to keep the Web interface available on port 80 (the default HTTP port), or...
CAUTION: 3Com recommends that you leave Password Recovery enabled. If you disable it and subsequently forget the password for the admin user name, you will have to return the Webcache to 3Com. To enable or disable password recovery: 1 At the Top-level menu, enter:...
Displaying and Changing Webcache Information and Functions The Password Recovery feature is enabled. Enter new value (enable,disable) [enable]: Displaying and You can display and change information about the Webcache using the Changing commands on the System menu. These commands allow you to: Webcache Initialize the Webcache to factory default settings Information and...
For further information, see “Configuring SNMP Community Strings” page 212. 3Com recommends that you change the default community strings to prevent unwanted users from gaining access to the Webcache. To change the community strings: 1 At the Top-level menu, enter:...
Displaying and Changing Webcache Information and Functions The following prompt is displayed: Enter new Public (Get/Read) community [public]: 3 Enter the community string for Public (Get/Read) requests to the Webcache. You can enter a maximum of 30 characters for each community string. Specifying a Contact You can specify contact name details for the Webcache using the Name...
18: C HAPTER OMMAND NTERFACE Enter system name [<system name>]: 2 Enter a system name for the Webcache. The name can be up to 80 characters long. Displaying Summary You can display the summary information for the Webcache using the Information command on the System menu.
Page 271
Displaying and Changing Webcache Information and Functions Contact Displays the details of a person to contact about the Webcache. For information about assigning new contact details, see “Specifying a Contact Name” page 269. Up Time Displays the time that has elapsed since the Webcache was last reset, initialized or powered-up.
Page 273
ROBLEM OLVING Chapter 19 Problem Solving...
Page 275
ROBLEM OLVING This chapter contains a list of known problems and suggested solutions. It covers the following topics: Accessing the Webcache via the Console Line Accessing the Webcache via Telnet Solving Problems Indicated by LEDs Solving Web Interface Problems Solving Command Line Interface Problems Solving Webcache Performance Problems Solving Client Browser Problems Solving General Webcache Problems...
19: P HAPTER ROBLEM OLVING Accessing the The terminal or terminal emulator cannot access the Webcache. Webcache via the Check that: Console Line Your terminal or terminal emulator is correctly configured to operate as a generic (TTY) terminal, or a VT100 terminal. You have performed the Command Line Interface wake-up procedure by pressing [Return] a few times.
Solving Problems Indicated by LEDs Check that the connections and network cabling for the LAN port are in place. If there is still a problem, try accessing the Webcache through a different port. If you can now access the Webcache, a problem may have occurred with the original port.
Page 278
19: P HAPTER ROBLEM OLVING Netscape Communicator v4.6 Netscape Communicator v4.7 Netscape Communicator v6.0 ™ For the browser to operate the Web interface correctly JavaScript Cascading Style Sheets must be enabled on your browser. These features are enabled on a browser by default. You will only need to enable them if you have changed your browser settings.
Page 279
Solving Web Interface Problems amounts of traffic on the network. Reload the Web interface by clicking Reload on the browser’s toolbar. If this does not solve the problem, go to the end of the URL in the Address field of the browser and press [Return]. This causes the page to be reloaded entirely.
Alternatively, the Webcache system time can be set manually. If you have configured the system time manually and it is inaccurate, the Webcache clock has probably drifted over time. 3Com recommends that you use the Network Time Protocol to prevent this. If this is not possible, reset the system time manually using the Time Configuration screen.
Page 281
Solving Webcache Performance Problems This service provides access to instructions about how to obtain a replacement cache storage device. As long as there is at least one working cache storage device, the Webcache will operate as a cache, but the failure of a cache storage device will degrade the performance of the Webcache.
19: P HAPTER ROBLEM OLVING For further information about deploying the SuperStack 3 Firewall with the Webcache, see “Proxy Relay Deployment” page You have enabled Cache Bypass and the Webcache can no longer connect to the World Wide Web In a WCCP version 2.0 deployment, if the Webcache and client machines reside on the same subnet in your network, special settings are required on the Cisco router to implement the WCCP solution (see page...
Webcache Problems Check if: The Power/Self Test LED on the front panel is Yellow or Off. This possibly indicates a system error. If so, contact 3Com support personnel. The Power/Self Test LED on the front panel is flashing Yellow. An internal emergency recovery procedure has reset the Webcache back to its factory default settings.
Page 284
Only the Webcache 3000 has accessible cache storage devices; you cannot remove them from the Webcache 1000. If a cache storage device fails in the Webcache 1000, you should return the whole unit to 3Com. If a cache storage device fails in the Webcache 3000, you can remove the device and return it to 3Com for replacement.
Page 285
PPENDICES AND NDEX Appendix A Safety Information Appendix B Cable Specifications and Pin-outs Appendix C Technical Specifications Appendix D Technical Support Appendix E Default Settings for the Webcache Appendix F Replacing and Installing Cache Storage Devices Appendix G Cisco WCCP Commands Appendix H Log Formats Appendix I...
Page 287
AFETY NFORMATION You must read the following safety information before carrying out any installation or removal of components, or any maintenance procedures on the Webcache 1000/3000. WARNING: Warnings contain directions that you must follow for your personal safety. Follow all directions carefully. You must read the following safety information carefully before you install or remove the unit.
A: S PPENDIX AFETY NFORMATION Important Safety Information WARNING: Installation and removal of the unit must be carried out by qualified personnel only. WARNING: The unit must be earthed (grounded). WARNING: The unit must be connected to an earthed (grounded) outlet to comply with European safety standards and EMC standards.
Page 289
Important Safety Information WARNING: This unit operates under SELV (Safety Extra Low Voltage) conditions according to IEC 950. The conditions are only maintained if the equipment to which it is connected also operates under SELV conditions. WARNING: The appliance coupler (the connector to the unit and not the wall plug) must have a configuration for mating with an EN60320/IEC320 appliance inlet.
Page 290
A: S PPENDIX AFETY NFORMATION Consignes importantes de sécurité AVERTISSEMENT: L'installation et la dépose de ce groupe doivent être confiés à un personnel qualifié. AVERTISSEMENT: Vous devez mettre l’appareil à la terre (à la masse) ce groupe. AVERTISSEMENT: Vous devez raccorder ce groupe à une sortie mise à la terre (mise à...
Page 291
Consignes importantes de sécurité Etats-Unis et Le cordon doit avoir reçu l'homologation des UL et un Canada certificat de la CSA Le cordon souple doit respecter, à titre minimum, les spécifications suivantes: Calibre 18 AWG Type SV ou 5J A 3 conducteurs Le cordon doit être en mesure d'acheminer un courant nominal d'au moins 10 A La prise femelle de branchement doit être du type à...
A: S PPENDIX AFETY NFORMATION connecteurs de données RJ-45, systèmes de réseaux de téléphonie ou téléphones de réseaux à ces prises. Il est possible de raccorder des câbles protégés ou non protégés avec des jacks protégés ou non protégés à ces prises de données. Wichtige Sicherheitsinformat ionen...
Page 293
Wichtige Sicherheitsinformationen Bedingungen sind nur gegeben, wenn auch die an das Gerät angeschlossenen Geräte unter SELV-Bedingungen betrieben werden. VORSICHT: Der Gerätestecker (der Anschluß an das Gerät, nicht der Wandsteckdosenstecker) muß eine passende Konfiguration für einen Geräteeingang gemäß EN60320/IEC320 haben. VORSICHT: Nur für Frankreich: Diese Einheit kann nicht über Anschlüsse des Typs IT†...
Category 3, because it supports both Ethernet (10 Mbps) and Fast Ethernet (100 Mbps) speeds. 3Com recommends that you use Category 5 cable — the maximum segment length for this type of cable is 100 m (328 ft).
B: C PPENDIX ABLE PECIFICATIONS AND OUTS Pin-outs Null-Modem Cable 9-pin to RS-232 25-pin Webcache 1000/3000 PC/Terminal Cable connector: 9-pin female Cable connector: 25-pin male/female Screen Shell Screen only required if screen always required Ground Ground required for handshake PC-AT Serial Cable 9-pin to 9-pin Webcache 1000/3000 PC-AT Serial Port...
Page 297
Pin-outs Modem Cable 9-pin to RS-232 25-pin Webcache 1000/3000 RS-232 Modem Port Cable connector: 9-pin female Cable connector: 25-pin male Screen Shell Screen Ground Ground RJ-45 Pin Pin assignments are identical for 10BASE-T and 100BASE-TX RJ-45 Assignments connectors. Table 12 Pin Assignments Pin Number Signal Function...
Page 298
B: C PPENDIX ABLE PECIFICATIONS AND OUTS...
Page 299
–10 ° to +70 °C (14 ° to 158 °F) Operating Humidity 10–95% relative humidity, non-condensing Standards EN60068 to 3Com schedule (Package testing: paras 2.1, 2.2, 2.30, and 2.32. Operational testing: paras 2.1, 2.2, 2.30 and 2.13). Safety Agency Certifications UL 1950, EN60950, CSA 22.2 No.
3Com recommends that you access the 3Com Corporation World Wide Web site. Online Technical 3Com offers worldwide product support 24 hours a day, 7 days a week, Services through the following online systems: World Wide Web site...
Knowledgebase is updated daily with technical information discovered by 3Com technical support engineers. This complimentary service, which is available 24 hours a day, 7 days a week to 3Com customers and partners, is located on the 3Com Corporation World Wide Web site at: http://knowledgebase.3com.com...
Support from 3Com Support from 3Com If you are unable to obtain assistance from the 3Com online technical resources discussed earlier in this appendix, or from your network supplier, 3Com offers a range of support services. Purchase of a support contract gives you priority response and is typically more cost effective than purchasing service for a specific incident.
Page 304
D: T PPENDIX ECHNICAL UPPORT Here is a list of worldwide technical telephone support numbers. These numbers are correct at the time of publication. Refer to the 3Com Web site for updated information. Country Telephone Number Country Telephone Number Asia, Pacific Rim...
Returning Products for Repair Returning Products Before you send a product directly to 3Com for repair, you must first for Repair obtain an authorization number. Products sent to 3Com without authorization numbers will be returned to the sender unopened, at the sender’s expense.
EFAULT ETTINGS FOR THE EBCACHE Default Settings Table 14 shows the factory default settings for the Webcache: Table 14 Default Settings Feature Webcache 1000/3000 Port Status LAN Port: Enabled Auto-negotiation WAN Port: Enabled Auto-negotiation Port Speed 10BASE-T/100BASE-TX Mbps ports are auto-negotiated Duplex Mode 10BASE-T and 100BASE-TX ports are auto-negotiated...
Page 308
Web site blocking Disabled Web Client Blocking Disabled Content Filter Mode Manual Content Preload Disabled 3Com Web Scheduler Disabled Filter Exclusion Disabled Allow List Disabled Deny List Disabled If you initialize the Webcache by selecting System > Control > Initialize...
Getting Started Wizard Settings Host Name Domain Name System (DNS) Domain All other settings are reset to the default values shown in Table Getting Started The following table shows the settings that you can configure in both the Wizard Settings Web interface and Command Line Interface Getting Started wizards.
Page 310
E: D PPENDIX EFAULT ETTINGS FOR THE EBCACHE Setting Meaning Default Example Search Domains Search domains allow you to control how (none) test.mycompany.com unqualified URLs are handled by the mycompany.com Webcache. An example of an unqualified URL is http://info/. They are typically used for Intranet web servers.
Page 311
1, 6, 23, 123, 161, 2048, 8081-8089, 49152-65535. Ports that you use for Proxy Mode cannot also be used for Transparent Mode. 3Com recommends you use the default port number of 8080 for Proxy Mode. Port 80 is always...
Page 312
E: D PPENDIX EFAULT ETTINGS FOR THE EBCACHE...
Page 313
EPLACING AND NSTALLING ACHE TORAGE EVICES This chapter contains information about replacing failed cache storage devices and installing a third cache storage device in the Webcache 3000. It covers the following topics: Replacing a Failed Cache Storage Device Installing an Additional Cache Storage Device WARNING: You can only replace and install Cache Storage Devices without removing power from the Webcache, if the Webcache is currently running software version 2.0 or later.
Only the Webcache 3000 has accessible cache storage devices; you cannot remove them from the Webcache 1000. If a cache storage device fails in the Webcache 1000, you should return the whole unit to 3Com. The Webcache will continue to operate with reduced performance if at least one cache storage device is functioning normally.
Page 315
Replacing a Failed Cache Storage Device 6 If you have mounted the Webcache in a rack using the supplied rack-mounting kit, you must slide the Webcache forward by approximately 1 inch, in order to fully open the front panel. 7 Open the front panel of the Webcache, as shown in Figure Figure 37 Opening the Front Panel Cac he Stor...
77094716.3290900 (correct at time of publication) Adding a New Cache You can use a new cache storage device supplied by 3Com to replace the Storage Device failed device. To add a cache storage device to the Webcache 3000: 1 If you have mounted the Webcache in a rack using the supplied rack-mounting kit, you must slide the Webcache forward by approximately 1 inch, in order to fully open the front panel.
Page 317
A mounting tray is already installed in the third bay of the Webcache 3000. You simply need to purchase a 3Com-approved hard drive and insert it into the mounting tray in the third bay. A list of approved hard drives can be found at: http://www.3com.com/sswebcache...
Page 318
F: R PPENDIX EPLACING AND NSTALLING ACHE TORAGE EVICES 6 Gently push the mounting tray back into the Webcache until it stops. 7 Push in the arms on the front of the tray to click them into place. 8 Close the front panel of the Webcache. 9 Log in to the Web interface.
Page 319
WCCP C ISCO OMMANDS The Web Cache Communication Protocol (WCCP) allows the Webcache to be connected to one or more WCCP-enabled Cisco routers in your network. There are two versions of WCCP, known as WCCP V1 and WCCP V2, which require different deployment methods. In addition to configuring the Webcache, you also need to configure the Cisco routers using the Cisco Command Line Interface: Configuring WCCP Version 1.0...
Page 320
G: C WCCP C PPENDIX ISCO OMMANDS Configuring WCCP To configure WCCP version 1.0 on a Cisco router enter the following Version 1.0 settings in the Cisco Command Line Interface: ip wccp version 1 ip wccp web-cache interface eth0 ip wccp web-cache redirect out ip route-cache same-interface exit show ip wccp...
Cisco routers allow the use of multicast groups and security passwords on a per service group basis. For WCCP version 2.0 deployment on the 3Com SuperStack 3 Webcache, all service groups must be configured identically. For example, if you set a password for one service group, you must set the same password for all the other service groups.
<service-id> interface ethernet0 ip wccp <service-id> redirect out General Enter the following commands: configure terminal ip wccp <service-id> group-address 224.1.1.100 password 3com interface ethernet 0 ip wccp <service-id> redirect out interface ethernet 1 ip wccp <service-id> group-listen...
Configuring WCCP Version 2.0 Cache Access List To achieve better security, you can tell the router which IP addresses are valid addresses for a webcache attempting to register with the current router, using a standard access list. The following example shows a standard access list configuration session where the access list number is 10 for a sample host: Enter the following commands:...
G: C WCCP C PPENDIX ISCO OMMANDS Configuring WCCP If you are configuring a network where the Webcache and client Version 2.0 Within a machines reside on the same segment, special settings are required on Single Subnet the Cisco router to implement a WCCP solution. Remove the command on the router ip wccp redirect exclude in...
ORMATS The Webcache can save its log files to an FTP server (see “Storing the Log Files” page 140). The Access Logs are saved in five formats, described “Access Log Formats” below. The format of the Filter Log is described “Filter Log Format”...
Webcache Access Log files with WebTrends reporting tools. 3Com recommends that you select the Webtrends Extended Log Format (WELF) option and use Webtrends Log Analyzer or WebTrends Firewall Suite to analyze the access logs that the Webcache produces: http://www.webtrends.com...
The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client.
The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client.
Page 329
The client request timestamp; date and time of the client’s request. “req“ The full HTTP client request text, minus headers; for example, GET http://www.3com.com HTTP/1.0 status The proxy response status code; the HTTP response status code from proxy to client. length The proxy response transfer length;...
H: L PPENDIX ORMATS WebTrends Extended Table 20 lists the WebTrends Extended Log Format logging fields. Log Format The format of WebTrends Extended Log Format log file entries is: id=firewall time fw pri proto duration sent rcvd src dst dstname user op arg result ref agent cache Table 20 WebTrends Extended Log Format (WELF) logging fields WebTrends Meaning...
WebTrends Meaning Examples dstname The more user-friendly version of the dst= field. dstname=Webcache 3000 #1 dstname=www.3com.com user The user name is logged in this field. user=admin For HTTP and FTP requests, this is the operation such as op=GET GET, POST, etc.
Page 332
H: L PPENDIX ORMATS Table 21 Filter Log Format logging fields (continued) Filter Log Meaning ident The client authenticated user name if per-user authentication is enabled. If per-user authentication is not enabled, this field has the value "-". category The filter category (one of those described in Section 3.2.2) that prevented the access, e.g.
Page 333
RACE OUTE YMBOLS The Trace Route feature allows you to display the network hops from the Webcache to a device on an IP network. A symbol may be displayed after a network hop which provides further information about that hop. The symbol may indicate systems that are unwilling to participate in a traceroute, or a problem with the system concerned.
EFINITIONS Core Categories The 3Com Web Site Filter groups sites in the Core Categories so that you can block individual topics. The Web Site Filter will also block entire web hosting sites (ISPs) under all core categories. This is because such sites...
J: C PPENDIX ATEGORY EFINITIONS Alcohol and tobacco manufacturers' commercial Web sites. Sites detailing how to achieve ‘legal highs’, glue sniffing, misuse of prescription drugs or abuse of other legal substances. Sites that make available alcohol, illegal drugs, or tobacco free or for a charge displaying, selling, or detailing use of drug paraphernalia.
News, historical, or press incidents that may include the above criteria (except in graphic examples) and are not blocked. Productivity The 3Com Web Site Filter aims to primarily cover the 20% of web sites Categories that generate 80% of the traffic under the productivity categories. The entire internet is simply large to filter and still perform satisfactorily.
J: C PPENDIX ATEGORY EFINITIONS Celebrity fan sites. City Guides. Games This includes: Web sites that allow a user to download or play online games. Tips and advice on playing computer and Internet-based games. Journals and magazines dedicated to game playing. Web sites hosting games and contests.
Productivity Categories Investment This includes: Web sites that provide stock quotes, stock tickers and fund rates. Web sites that allow stock or equity trading online. Investing advice or contacts for trading securities. Money management/investment services or firms. Job Search This includes: Sites hosting job and resume listings.
J: C PPENDIX ATEGORY EFINITIONS Shopping This includes: Internet malls and online auctions. Department stores, retail stores, company catalogs online. Online downloadable product warehouses; specialty items for sale. Companies online dedicated to freebies or merchandise giveaways. Sports This includes: Official team or conference Web sites. National, international, college, professional scores and schedules.
Page 341
LOSSARY 3Com Network The 3Com umbrella management system used to manage all of 3Com’s Supervisor networking solutions. 3Com Web Scheduler A Web browser plug-in that allows permitted users to schedule content preloads without administrator access to the Webcache. 10BASE-T The IEEE specification for 10 Mbps Ethernet over Category 3, 4 or 5 twisted pair cable.
Page 342
LOSSARY client machine A computer, printer or server that is connected to a network. In this User Guide, client machine is used to describe a machine on your network which is running a Web browser such as Internet Explorer or Netscape Navigator.
Page 343
LOSSARY fresh Content stored in the cache can either be fresh (also known as current) or stale (also known as expired). If it is fresh, the content is up to date and the Webcache serves it to the client machine as a cache hit. See also current.
Page 344
LOSSARY IP address Internet Protocol address. A unique identifier for a device attached to a network using TCP/IP. The address is written as four octets separated with periods (full-stops), and is made up of a network section, an optional subnet section and a host section. Local Area Network.
Page 345
LOSSARY PING Packet Internet or Inter-Network Gropher. This feature allows you to send out a PING request to test whether devices on an IP network are accessible and functioning correctly. protocol A set of rules for communication between devices on a network. The rules dictate format, timing, sequencing and error control.
Page 346
LOSSARY TCP relates to the content of the data travelling through a network — ensuring that the information sent arrives in one piece when it reaches its destination. IP relates to the address of the client machine to which data is being sent, as well as the address of the destination network. Telnet A TCP/IP application protocol that provides a virtual terminal service, letting a user log into another computer system and access a device as...
Page 347
LOSSARY WPAD Web Proxy Auto-Discovery. This protocol enables the Web browser on client machines to automatically find and load proxy configuration information from a server without user intervention.
Page 349
188 Cache Control 182 Numbers creating a list 182 10BASE-T/100BASE-TX port 63 setting up 182 3Com Knowledgebase Web services 302 cache storage device 3Com Network Supervisor 24, 208 adding 316 3Com URL 301 additional 317 3Com Web Scheduler 201...
Page 350
32 documentation 60 stale 32 release notes 60 content filtering user guide 60 3Com Web Site 147 Domain Name System (DNS) 28 allow/deny lists 169 syntax 28 blocking response screen 161 customizing the response screen 176 exclusion lists 166...
Page 351
NDEX factory defaults 65, 307 LAN port 63, 77 filter policy Hotspot 97 creating 152 LEDs 64 forcing a preload LEDs preloading content 198 color 69 forgetting your password 106 front panel 61 front panel 61 activity 62 front panel LEDs 61 cache storage status 61 activity 62 link status 61...
Page 352
NDEX modem cable 75 caching 220 pin-outs 297 abort and error rate 222 monitoring performance 219 bandwidth saving 220 monitoring Web access 139 filtering block rate 223 MRTG license 358 hit and miss latencies 222 hit rate 221 request rate 221 throughput 222 name command 269 I/O 223...
Page 353
NDEX Proxy Auto Configuration (PAC) 48 SMTP Client license 358 proxy cache 45 SNMP 212 manually configuring Web browsers 47 community string 268 Proxy Auto Configuration (PAC) 48 community strings 212 Web Proxy Auto-Discovery (WPAD) 49 SNMP traps 212 proxy mode 63 software upgrades 240 proxy relay 44 software 235, 239...
Page 354
Web client blocking creating a list 163 saving the list 185, 190 technical specifications 299 Web content technical support current 32 3Com Knowledgebase Web services 302 expired 32 3Com URL 301 fresh 32 network suppliers 302 stale 32 product repair 305...
Page 355
For example, if you purchased a five (5) pack license for a specific 3Com product, you may use it on five (5) units of such 3Com product. Otherwise, the Software and Documentation may be copied only as essential for backup or archive purposes in support of your use of the Software as permitted hereunder.
Page 356
Documentation, and may be amended only in a writing signed by both parties. Should you have any questions concerning this Agreement or if you desire to contact 3Com for any reason, please contact the 3Com subsidiary serving your country, or write: 3Com Corporation, Customer Support...
Page 357
TRADE SECRETS; TITLE: You acknowledge and agree that the structure, sequence and organization of the Product are the valuable trade secrets of 3Com and its suppliers. You agree to hold such trade secrets in confidence. You further acknowledge and agree that ownership of, and title to, the Product and all subsequent copies thereof regardless of the form or media are held by 3Com and its suppliers.
Page 358
ENTIRE AGREEMENT: This Agreement sets forth the entire understanding and agreement between you and 3Com and supersedes all prior agreements, whether written or oral, with respect to the Product, and may be amended only in a writing signed by both parties.
Page 359
recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary.
Page 360
code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable.
Page 361
COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.
Page 362
EGULATORY OTICES FCC S TATEMENT This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.