WAAS Blocking some Microsoft Services

Unanswered Question
May 24th, 2008
User Badges:


I am currently running a WAAS POC at a bank and I have run into the following problem;

- The WAAS core device is placed in-line at the HQ and it seems to block the following Microsoft Services on all the branches that connect through this kit, Microsft Outlook MAPI, Microsoft CIFS and Microsoft Terminal Serices.

Basically remote branch users are complaning that they cannot access the Exchange server through outlook MAPI, they cannot connect to a file server to access scanned documents and they cannot connect to windows terminal services.

Apparently the Core WAE is connecting to a packeteer device that can only do half-duplex hence the WAE is giving a major error that it is running on half-duplex. There is an Tipping point IPS device after the packeeter device but the branches were working well without the WAAS kit hence ruling out that the IPS or packeteer is the problem.

What could be making the WAE to block the microsoft services and not other services like HTTP?

Urgent as Riverbed & Juniper are running a parallel POC and this might affect Cisco's WAAS image!!!



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Zach Seils Tue, 05/27/2008 - 08:08
User Badges:
  • Cisco Employee,


Are other types of traffic working/optimized through WAAS?

I would like to understand your setup in more detail. Can you please provide:

1. Topology diagram.

2. WAAS software version

3. System report from both WAEs



edwardwaithaka Tue, 05/27/2008 - 08:36
User Badges:


The setup is as follows;

[Branch Lan]---[switch]---[WAE512-inline]---[Branch Router]-----ZZWAN-LINKZZ-------[HQ Router]----[WAE512-inline(core)]---[PacketShaper]---[TippingPoint]-----[HQ Switch]-----[HQ LAN]

WAAS OS = 4.0.13

Optimization had stated taking place (x1.2) and there were several connections in the connection statictics page(Monitoring).

HTTP/HTTPS traffic was getting optimized.

Zach Seils Wed, 05/28/2008 - 23:17
User Badges:
  • Cisco Employee,


Can you please confirm that the EPM adapter is disabled on both WAEs:

no adapter epm enable



edwardwaithaka Wed, 05/28/2008 - 23:39
User Badges:


Will confirm this but in the mean time, how does this configuration affect the services?

edwardwaithaka Thu, 05/29/2008 - 01:02
User Badges:


Seems EPM may be the problem considering the HQ router has different VSAT transmit & receive links.

I also got the following;

"As you are all aware there is a known documented condition with EPM (bug CSCsg11506). As result of this, EPM traffic in asymmetric routing environments breaks the communications between client and server for DCOM applications such as Microsoft Exchange, Active Directory, and others.

The 4.0.7 release of WAAS enables the EPM Classification feature by default. If you are supporting an environment with asymmetric routing, be sure to manually disable EPM Classification on all WAEs in the network through the Central Manager. The 4.0.9 maintenance release, due shortly, will have EPM Classification disabled by default. A full fix for the EPM Classification issue in asymmetric routing environments will be available later this year."

Most of the affected services were Microsoft DCOM based i.e. MAPI,Term Services & CIFS.

Will disable the feature and test (the feature was enable on my device groups).

We recently encountered a similar issue where ONLY MS services, Outlook, Exchange and Office Communicator - were breaking from a core datacenter.

The EPM adapter is and has always been off.

Things were working fine for a few weeks - all of a sudden over night they stopped.

If we disable WCCP they work - when we re-enable it breaks.

The only thing I am concerned about is this.

In the data center - there are 2 6509's.

One is the active HSRP router for all LANs - the other is standby.

However - the standby router for the LAN's is the single router for the MPLS connection, where wccp 62 In resides.

If you look at wccp - all of the 61 hits are on router A (hsrp active for lan) and all of the 62 hits are on router B (62 in MPLS).

Do you think that is somehow related to breaking the MS services ?

Zach Seils Sun, 07/13/2008 - 19:55
User Badges:
  • Cisco Employee,


Do you see any other indications of a problem in the WAE syslog.txt file?

I'm also curious where you are seeing the WCCP "hits". With WCCP on the 6500, the packets redirected counters should not increment when redirection is handled in hardware.


Hi Zach, we opened a TAC case (SR 609076799) last week, and the tac engineer said he noticed something immediately in the system report.

"I went through the system report on the Core side and saw the following messages:

A new view from the router with the given change number: 17

New web cache in hash compute assignment

These two messages combined with Catalyst software version leads me to believe

that the Catalyst IOS could be part of the cause.

In addition to this, I would like to bring your version to the one that BU supports so that

if you continue to experience the issue after the software upgrade, it will be easier.

Please upgrade the IOS version to 12.2(18) SXF14 after making sure that the

version would be suitable for your environment."

And he explained there are known bugs with WCCP in the version of IOS I am running on the 6500's.

I'll double check to make sure we're doing l2 on the 6500's - but the hits I am referring to are on the redirect-list ACL's.

We control which traffic by subnet in the redirect ACL and I look at the counters on those ACL's to see where traffic was incrementing.

61 in was on Router A, 62 in was increminging on Router B.

ronbuchalski Mon, 07/14/2008 - 10:43
User Badges:


Address the performance bottleneck first. Packeteer only doing half-duplex? Maybe it only supports auto-negotiation and you have it hard set on the WAE. Change the WAAS to auto-negotiate and see if that problem goes away.

Regarding WAE and Microsoft (MAPI, CIFS, Terminal Services) I currently have a WAE pair on a WAN link, and these three services are passing over the link without problems. CIFS needs to be explicitly configured for acceleration, otherwise it will just be passed through. The others have default policies configured.

Try disabling the policies for these and see if they begin to pass through properly. If so, then you need to figure out why it's blocking. Are you using any ACLs to classify traffic for acceleration? If so, check the ACL matching to see if the MS traffic is being denied.



This Discussion