Environment:
Squid server: Ubuntu 8.10 Server Edition      IP Address:192.168.50.100/24
ASA5510:   E0/1 inside         IP Address:192.168.50.1/24
Local Network:     10.1.0.0/16
 
1. ASA WCCP Configuration
ASAconfig)#access-list PROXY extended permit 10.1.0.0 255.255.0.0 any eq www
ASAconfig)# wccp web-cache redirect-list PROXY
ASA(config)# wccp interface inside web-cache redirect in
 
2. Squid Installation
root@ubuntu-squid:~# apt-get install squid
root@ubuntu-squid:~# vi /etc/squid/squid.conf
http_port 3128 transparent
wccp2_router 192.168.50.1
wccp2_forwarding_method 1
wccp2_return_method 1
wccp2_assignment_method 1
acl all src 0.0.0.0/0.0.0.0
http_access allow all
cache_mem 256MB
cache_dir ufs /var/spool/squid 10240 16 256
 
3. Linux Server Configuration
root@ubuntu-squid:~# vi /etc/rc.local
#setup gre tunnel to ASA. Remote is the WCCP route identifier and local is the ip address of Squid
ip tunnel add wccp0 mode gre remote 192.168.50.1 local 192.168.50.100 dev eth0
ifconfig wccp0 inet 127.0.0.3 netmask 255.255.255.255 up
echo 1 > /proc/sys/net/ipv4/ip_forward
echo 0 > /proc/sys/net/ipv4/conf/wccp0/rp_filter
iptables -F -t nat
iptables -t nat -A PREROUTING -i wccp0 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.50.100:3128
 
4. Verify Configuration
ASA# sh wccp
Global WCCP information:
    Router information:
        Router Identifier:                   192.168.50.1
        Protocol Version:                    2.0
    Service Identifier: web-cache
        Number of Cache Engines:             1
        Number of routers:                   1
        Total Packets Redirected:            7611
        Redirect access-list:                PROXY
root@ubuntu-squid:~# tail /var/log/squid/access.log
1246847635.924      2 10.1.254.115 TCP_IMS_HIT/304 445 GET http://wiki.squid-cache.org/wiki/squidtheme/css/screen.css - NONE/- text/css
1246847635.927      2 10.1.254.115 TCP_IMS_HIT/304 444 GET http://wiki.squid-cache.org/wiki/squidtheme/css/print.css - NONE/- text/css