Troubleshooting WCCP Redirection¶
The WCCP redirection protocol is quite complex to setup and a lot of things may go wrong. The following troubleshooting hints may help to correctly configure it.
Commands to check the status of WCCP redirection on Cisco ASA side are
show wccp. Correct output should look something like.
The following command will help to capture GRE traffic from Cisco ASA to proxy box
tcpdump -i ens160 -s 65535 -w gre.dumpto file gre.dump that can later be analyzed with WireShark. Please note here the local ethernet NIC is called ens160. Yours might be different!The following command will help to show in real time that GRE traffic is flowing from Cisco ASA to proxy box
tcpdump –npi ens160 ip proto 47. Please note here the local ethernet NIC is called ens160. Yours might be different! The correct output will look like the following:
root@websafety:~# tcpdump -npi ens160 ip proto 47 tcpdump: verbose output suppressed, use -v or -vv for full protocol decode listening on ens160, link-type EN10MB (Ethernet), capture size 262144 bytes 11:40:36.719647 IP 192.168.178.10 > 192.168.6.15: GREv0, length 60: gre-proto-0x883e 11:40:36.720309 IP 192.168.178.10 > 192.168.6.15: GREv0, length 48: gre-proto-0x883e 11:40:36.720994 IP 192.168.178.10 > 192.168.6.15: GREv0, length 565: gre-proto-0x883e 11:40:36.729838 IP 192.168.178.10 > 192.168.6.15: GREv0, length 60: gre-proto-0x883e ... snip ... 11:40:39.751357 IP 192.168.178.10 > 192.168.6.15: ip-proto-47 11:40:39.751791 IP 192.168.178.10 > 192.168.6.15: GREv0, length 502: gre-proto-0x883e ^C 46 packets captured 46 packets received by filter 0 packets dropped by kernel