10-16-2007 12:32 AM
We have installed a NME-WAE-502 card in a remote Cisco 2811 router. The router is configured with a VPN-tunnel to the main site where the central inline wae resides.
From the remote site you can ping the central wae and vice versa. We can telnet back and forth as well.
The problem is that we cannot register the remote wae via the VPN tunnel...
The VPN tunnel works fine for other traffic, both tcp and udp.
10-16-2007 04:07 AM
Mathias,
What version of WAAS are you running? You may need to lower the optimized MSS to accommodate the tunnel/IPSec overhead? The CLI command is:
tfo tcp optimized-mss
This needs to be executed on the WAE's on both sides.
Zach
10-16-2007 04:18 AM
I have entered (on both wae's)
tfo tcp optimized-mss 1250
tfo tcp original-mss 1250
The message I get when I try to register:
Registering WAAS Application Engine...
Sending device registration request to Central Manager with address 172.a.b.c
Failed to contact CDM 172.a.b.c(Unmarshaled: 9001). Please check connectivity with CDM device and
status of management service on CDM.
register: Registration failed.
cms: unable to register node
FAILED to enable management services
/Mathias
10-16-2007 04:32 AM
I can also suggest the following troubleshooting steps:
1. Verify you can telnet from the NME-WAE to the CM on port 443. This is the port used for communication between the NME-WAE and CM.
2. Verify the CMS service is running on the CM using the CLI command 'sh cms info' on the CM.
3. Ensure that no existing CMS tables exist on the NME-WAE with the config mode command 'cms der for' on the NME-WAE.
Zach
10-16-2007 04:59 AM
1. sewae#telnet 172.a.b.c 443
Trying 172.a.b.c...
Connected to 172.a.b.c.
Escape character is '^]'.
kjhkjh^]
Connection closed by foreign host.
2. Since I cannot register the CMS is not working.
3. Tried that as well. I have also restored factory defaults.
10-16-2007 05:04 AM
Have you tried restarting the CMS service on the CM? You should also check the CMS logs on both devices:
/local1/errorlog/cms_log.0
Finally I would suggest a packet capture on the CM to verify that the connection is established and packets are being exchanged during the registration process.
Zach
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: