WAE behind router doing NAT

Unanswered Question
Apr 23rd, 2008
User Badges:
  • Bronze, 100 points or more

Hi,

Are there any known issues with a WAE sitting behind a router thats static nating addresses? For example, I know connections are being optimized because I can see them using the "sh tfo conn summ" command. These connections do not show up under the Connections Statistics tab in the CM though.


Thanks,

Mike

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Zach Seils Wed, 04/23/2008 - 07:22
User Badges:
  • Cisco Employee,

Mike,


In general, IP address translation at Layer 3 should be ok for non-WAFS traffic.


Does the CM how no output, or just not the connections you are looking for?


Zach



mike-greene Wed, 04/23/2008 - 08:21
User Badges:
  • Bronze, 100 points or more

Thanks Zach,

I see the 4050 connections to my other WAE's and I see the SSL connection from the CM to the WAE. There is an FTP transfer going though that I can see in the CLI but not in the CM.


There is not much going through it currently so in the CLI I see all the 4050 connections, the SSL connection and the FTP transfer. The only one thats not in the CM is the FTP transfer.


Mike

Zach Seils Thu, 04/24/2008 - 08:56
User Badges:
  • Cisco Employee,

Mike,


Email me a screen shot of the CM and CLI output side-by-side.


What WAAS version are you running?


Thanks,

Zach



mike-greene Thu, 04/24/2008 - 10:15
User Badges:
  • Bronze, 100 points or more

Thanks Zach,


I emailed the screen shots and cli. I'm running 4.0.17.b.14 on all my WAE's and two CM's.


Thanks,

Mike

Zach Seils Fri, 04/25/2008 - 01:39
User Badges:
  • Cisco Employee,

Mike,


Was the output taken at the same time? Looking at the established connections on port 4050, the IP addresses match, but the ephemeral ports do not.


What type of NAT is being used? Do you have a topology diagram you can share?


Zach



mike-greene Fri, 04/25/2008 - 06:10
User Badges:
  • Bronze, 100 points or more

Zach,

The screen shots and the sh tfo were done moments apart. I have attached a Visio of the setup.


Thanks,

Mike



Attachment: 
Zach Seils Mon, 04/28/2008 - 13:16
User Badges:
  • Cisco Employee,

Mike,


Can you please do the following and send me the output:


1. Take screen shot of connection listing from CM.


2. Get 'sh tfo conn summ' output from WAE CLI.


3. Get output from 'type .tfo_conn_all_stats' command on WAE CLI.


Thanks,

Zach



mike-greene Tue, 04/29/2008 - 06:59
User Badges:
  • Bronze, 100 points or more

Thanks Zach.


I shot you an email with everything above.


Thanks,

Mike

Zach Seils Tue, 04/29/2008 - 21:41
User Badges:
  • Cisco Employee,

Thanks Mike. The connection listing that's being dumped and provided to the CM does not match the CLI. I have opened CSCsq02282 for this issue.


Zach



Actions

This Discussion