How to Control Web Traffic Using Squid Cache and Cisco Router in Linux

Best Affordable Linux and WordPress Services For Your Business
Outsource Your Linux and WordPress Project and Get it Promptly Completed Remotely and Delivered Online.

If You Appreciate What We Do Here On TecMint, You Should Consider:

  1. Stay Connected to: Twitter | Facebook | Google Plus
  2. Subscribe to our email updates: Sign Up Now
  3. Get your own self-hosted blog with a Free Domain at ($3.45/month).
  4. Become a Supporter - Make a contribution via PayPal
  5. Support us by purchasing our premium books in PDF format.
  6. Support us by taking our online Linux courses

We are thankful for your never ending support.

Arash Arzandehnia

I'm a network engineer and expert in network designing and troubleshooting. I've done MCP, MCSA(System Administrator), MCSE, MCTS, MCITP, MCSA (Solutions Associate) and CCNA (R&S).

Your name can also be listed here. Got a tip? Submit it here to become an TecMint author.

RedHat RHCE and RHCSA Certification Book
Linux Foundation LFCS and LFCE Certification Preparation Guide

You may also like...

16 Responses

  1. Mvs says:

    Hi, i had trouble when create gre0, and when I am check network status,

    Jan 30 17:31:14 localhost.localdomain network[26902]: RTNETLINK answers: File exists
    Jan 30 17:31:14 localhost.localdomain network[26902]: RTNETLINK answers: File exists
    Jan 30 17:31:14 localhost.localdomain network[26902]: RTNETLINK answers: File exists
    Jan 30 17:31:14 localhost.localdomain network[26902]: RTNETLINK answers: File exists

    thanks before

  2. Danielx64 says:


    Will this work on HTTPS or not? Also what about blocking torrents etc?

    Thank you :)

  3. Anuar Ferrera says:

    Everything is pretty clear and so far this is the best clear guide I have found on the internet without too many arguments and diagrams, plain simple which is great, but I have only one concern and is this part:
    R1(config)#interface fastEthernet 0/0
    R1((config-if)# ip wccp web-cache redirect in
    All my network is tied to :

    interface Vlan1
    description $ETH-SW-LAUNCH$$INTF-INFO-FE 1$
    ip address
    ip nat inside
    ip virtual-reassembly
    ip tcp adjust-mss 1452

    This should apply to this interface instead of a particular Ethernet?

    Thanks for such of great guide

    • Hello , Thanks For Your Nice Comment.
      About Your Question , You Have To Put Your Redirect Statement on The Lan-Side Interface , Could You Please Send Me Your Configuration And Also Your Device Part Number ?

  4. Hamza says:

    I am new to Linux, please help me how I can create the interface on centos 7 and the IP mentioned in the interface it will be one of the free ip of the localnet..
    Please help me

  5. Ashish Kumar says:

    I have a query.

    1.) We need to run “ip wccp web-cache redirect in” on router interface which is connected to the internet or LAN ?
    2.) Do we need to use 2 interface on Squid, one with Live IP and another one with Local LAN. if not then how squid will re-direct the user’s traffic to internet ?


  6. abdelghafar says:

    can you give us your example by configuration i need to implement this solution but i need more detail in configuration and installation of devices such as how to connect to internet does squid has 2 NIC what is the network topology … thanks

    • which part of scenario you need more help ? SQUID just have one NIC that is connect to the LAN switch and have same IP configuration as clients.
      router have two interface , one connect to internet and another connect to the LAN by switch. follow below shape.
      internet —> router —> LAN switch –> clients & squid

  7. Umesh says:

    Your Article if Very Nice.
    My question is: why do we need to send the packets to router & and then to Squid, We can also send the Internet packets directly to the Squid? As we do in IE in internet settings. Please explain i am a bit confuse. Thanks in Advanced.

    • Hi, I’m happy that you like it.
      we sent HTTP traffics through the router by WCCP protocol to using awesome features of WCCP, some advantage of usuing wccp is : 1-there is no need to additional configuration on client side(like set proxy in browser and applications) 2-clients never found out actual ip address of SQUID machine(it’s ideal for security) 3-all HTTP traffics goes to squid not just browser traffic(for example some messengers app or audio players apps) 4-if squid goes down WCCP stop redirection to squid and pass the packets directly toward the ISP 5-we can use a cluster of squid machines for load balancing and fault tolerance by WCCP power.

    • Yes you can send directly packets to the squid by entering the squid ip address in clients browser proxy settings , but it needs additional configuration on each client , by this method at least you do not need to enter proxy settings on clients browsers, additionally you can use of benefits of cisco features in the middle.

  8. Vi Vo says:

    Thanks so much for this helpful guide. I will try it

Got something to say? Join the discussion.

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.