Hi, I am trying to get squid working with my cisco router.How it works is network flows through my unit and enters the cisco on FE0. Below are copies of both configurations which seem correct, yet the whole setup doesnt work correctly, which is my question as why not? Is everything correct and just the physical layout, or is my configuration wrong? I am running Version 2.6.STABLE13+ICAP on FreeBSD 4.11. half_closed_clients off wccp2_router 10.10.250.1 wccp2_forwarding_method 1 wccp2_return_method 1 wccp2_service standard 0 #tcp_outgoing_address append_domain .domain.com http_port 3128 transparent icp_port 3130 #htcp_port 0 cache_mem 32 MB acl all src 0.0.0.0/0.0.0.0 acl localhost src 127.0.0.1/255.255.255.255 acl SSL_ports port 443 563 acl Safe_ports port 21 70 80 210 443 488 591 777 1025-65535 acl CONNECT method CONNECT acl QUERY urlpath_regex cgi-bin \? no_cache deny QUERY cache_swap_low 90 cache_swap_high 96 maximum_object_size 32768 KB minimum_object_size 0 KB maximum_object_size_in_memory 128 KB ipcache_size 10240 ipcache_low 90 ipcache_high 95 fqdncache_size 10240 log_fqdn off memory_pools off cache_replacement_policy heap GDSF #memory_replacement_policy heap LFUDA memory_replacement_policy lru #cache_replacement_policy lru cache_dir ufs /mnt/cache 12000 16 256 log_mime_hdrs on logformat squid %ts.%03tu %6tr %>a %Ss/%03Hs %<st %rm %ru %un %Sh/%<A %mt %>st cache_access_log /var/log/squid/access.log squid cache_log /var/log/squid/cache.log cache_store_log none pid_filename /usr/local/squid/logs/squid.pid store_dir_select_algorithm round-robin debug_options ALL,1 ftp_user admin@ ftp_passive on dns_timeout 50 seconds quick_abort_min 10 kb quick_abort_pct 50% quick_abort_max 1024 kb negative_ttl 2 minute range_offset_limit 0 KB connect_timeout 20 second #cache_peer http_access deny !Safe_ports http_access deny CONNECT !SSL_ports http_access allow all # And finally deny all other access to this proxy icp_access allow all cache_mgr support@xxxxxxxxxx cache_effective_user nobody cache_effective_group nobody visible_hostname my.domain.com #dns_testnames netscape.com internic.net nlanr.net microsoft.com dns_testnames localhost forwarded_for on ie_refresh on acl localSnmp snmp_community public snmp_port 3401 snmp_access allow localSnmp localhost snmp_access deny all snmp_incoming_address 0.0.0.0 snmp_outgoing_address 255.255.255.255 peer_connect_timeout 30 seconds dead_peer_timeout 30 seconds httpd_suppress_version_string = on collapsed_forwarding off dns_defnames off Now here are the extracts from sh run on the cisco: interface FastEthernet0 ip address 10.10.250.1 255.255.0.0 ip wccp web-cache redirect in ip nat inside ip nat enable ip virtual-reassembly ip tcp adjust-mss 1412 duplex auto speed auto ! Any ideas as to what is wrong, because squid registers with the router, but the traffic never gets to the cache and web stops working should the user match the ACL list.? Thanks in advance, Ian
