Skyhigh Security

Troubleshooting Issues with WCCP Services

When issues arise with WCCP services while configuring them for the Transparent Proxy mode, there are several ways to gather relevant information.

  • You can review information about WCCP services on the appliance dashboard.
  • You can retrieve information about WCCP services by running suitable commands on the command line of a system console that is connected to the appliance.

Review information about WCCP services on the dashboard

Review information about WCCP services on the appliance dashboard to see whether troubleshooting activities are required.

  1. Select Dashboard | Charts and Tables.
  2. On the navigation pane, click System Summary and scroll down to the WCCP Service Current Status Report table.

The table shows values for several WCCP parameters, such as the ID of the WCCP service that the appliance has subscribed to, the IP address of the router, forwarding and return methods, and assigned buckets.

It also shows the time stamps of the latest "Here I Am" and "I See You" data packets, which allows you to verify that the health check is working.

Retrieving information about WCCP services over the command line

You can run several commands on the command line of a system console to retrieve information about WCCP services.

Enter the following command to see if web traffic is redirected to the configured port on a Web Gateway appliance.

iptables -t mangle -L

You will see, for example, an entry for the chain WCCP0 with a line containing redirect 10.10.73.72:9090.

10.10.73.72 is the IP address of the network interface of the NIC on the Web Gateway appliance that you configured as destination of the redirected traffic. 9090 is the configured port.
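The same check can be scripted. The following is an added example, not part of the original article or the product: it reads `iptables -t mangle -L` output on standard input and confirms that every redirect entry in a chain whose name starts with WCCP points at the expected address and port. The function names and the sample table are constructed for illustration; the sample assumes the rule text has the form `redirect <IP>:<port>` as described above.

```shell
#!/bin/sh
# Usage on the appliance (assumed invocation):
#   iptables -t mangle -L | check_wccp_redirect 10.10.73.72 9090
# Exit status: 0 = all WCCP redirects match, 1 = a mismatch was found,
#              2 = no redirect entry found in any WCCP chain.
check_wccp_redirect() {
    awk -v want="$1:$2" '
        # Track whether the current chain is a WCCP chain (WCCP0, WCCP1, ...).
        /^Chain / { in_wccp = ($2 ~ /^WCCP/); next }
        in_wccp {
            # The redirect target is the token right after the word "redirect".
            for (i = 1; i < NF; i++)
                if ($i == "redirect") {
                    seen++
                    if ($(i + 1) == want) ok++
                    else print "unexpected redirect target: " $(i + 1) > "/dev/stderr"
                }
        }
        END {
            if (!seen) exit 2
            exit ((ok + 0 == seen) ? 0 : 1)
        }
    '
}

# Constructed sample of mangle-table output, so the check can be tried offline.
sample_mangle_table() {
    cat <<'EOF'
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
WCCP0      all  --  anywhere             anywhere

Chain WCCP0 (1 references)
target     prot opt source               destination
TPROXY     tcp  --  anywhere             anywhere             tcp dpt:http TPROXY redirect 10.10.73.72:9090 mark 0x1/0x1
EOF
}

if sample_mangle_table | check_wccp_redirect 10.10.73.72 9090; then
    echo "WCCP redirect target matches 10.10.73.72:9090"
fi
```

An exit status of 2 means that no redirect entry was found in any WCCP chain, and an exit status of 1 means that an entry points somewhere other than the configured interface and port.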

You can check whether the appliance sends "Here I Am" and "I See You" data packets. Enter the following command:

tcpdump -npi eth0 port 2048

Within the data packets that are displayed, verify that the following applies:

  • The IP address shown for the web cache is the IP address of the Web Gateway appliance.
  • The bucket assignment method is the method that is also configured for Web Gateway.
  • The redirect method is the method that is also configured for Web Gateway.

You can check whether the GRE-encapsulated or L2-rewritten data packets are received on the Web Gateway appliance.

  • For GRE-encapsulation, enter the following command:

    tcpdump -npi eth0 ip proto 47


    Verify that the source IP address of the data packets is the IP address that is configured for the router on Web Gateway.
     
  • For L2-rewriting, enter the following command:

    tcpdump -npi eth0 not host <IP address of the Web Gateway appliance>


    Verify that the source IP address of the data packets is the IP address of the client that sent the request.

NOTE: To check that redirected data packets are received on Web Gateway, you can also enter the ifconfig command.