WAAS Inline diagram help

Unanswered Question
Oct 27th, 2007
User Badges:

I am looking for the correct placement of WAE 512 appliances. I have a data center where WAAS Central Manager and WAE 512 Core appliances will be installed. The Data center will be set up as follows:

1841 rtr xover to PIX515e xover to WAAS Core strait through to LAN switch.

At one remote site I will setup WAE 512 WAAS edge in the following manner:

1841 rtr xover to PIX506e xover to WAAS Edge straight through to LAN Switch. I have a site to site ipsec VPN tunnel between the two PIX Firewalls. Does this configuration seem appropriate or have I missed something?


Additionally, I have ver 6.3 on both PIX's and am wondering about the config for that IOS ver.


Thanks in advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
eng.usama Sat, 10/27/2007 - 23:15
User Badges:

i'm not sure 100% you should configure pix to inspect waas traffic by commands

policy-map global_policy

class inspection_default

inspect waas

service-policy global_policy global


but it work in version 7.2.3 of pix or ASA firewall

lmanaughkcc Sat, 10/27/2007 - 23:20
User Badges:

I will try that config, but i will likely need to upgrade to get it to work.

As for your topology, you have WAAS between your ASA and LAN switch? with the WAAS connected to ASA via Cross over cable and straight through to the switch?


jasobrown Wed, 10/31/2007 - 07:47
User Badges:

You have to run 7.2(3) Code for the "fixup" so the remote site with the 506E isn't going to work. You can make it work by basically disabling all firewall capabilities in the 6.3(x) releases, but not recommended.

lmanaughkcc Wed, 10/31/2007 - 11:35
User Badges:

Exactly what I discovered. So, I purchased an ASA 5505 to replace the PIX 506e and had to upgrade it from 7.2 (2) to 7.3 (3). I will be upgrading the PIX 515 e Friday night and will be installing equipment at the remote site on Sunday. I'll let you know how it goes.

Actions

This Discussion