cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
622
Views
0
Helpful
4
Replies

WAAS not working properly

dmitri_vilesov
Level 1
Level 1

Hallo! I have this network topology:

Router A:

WAN - *.*.*.188

LAN1 - 172.16.99.1

LAN2 - 172.16.98.1

Test Computer A - 172.16.99.99

Central Manager - 172.16.99.3

Core-WAE - 172.16.98.2 (PBR Interception)

Router B:

WAN - *.*.*.45

LAN - 192.168.3.252

Edge-WAE - 192.168.3.254 (Inline interception)

Test Computer B - 192.168.3.9

I have GRE tunnel between Router A and Router B. I have configured traffic interception and it seems working fine, because in Connections tab (on Core-WAE and Edge-WAE both) i can see all activity between CompA and CompB (such as RDP, file transfer via HTTP and so on) but in applied-policies column i always see "NONE" , so there is no optimization. What could be the problem?

Thank you in advance!

4 Replies 4

dstolt
Cisco Employee
Cisco Employee

Dmitri,

It sounds like your WAEs are not using the same policy or not seeing all the traffic. If you use from the CLI "Show tfo connect summ" you can see why the connections are in Passthrough. You can also see historically why connections are in passthrough via the following command "sh stat tfo pass-through". That should give you a place to start with why things are not being optimized.

I would validate 2 things:

1. Ensure you have pushed the same application policies to both WAEs via the "all device group" by restoring the defaults and then forcing the device group if needed.

2. Double check your pbr interception at the core and make sure you are intercepting in both directions (LAN and WAN based traffic).

See what you get and then we can dig further.

Hope that helps,

Dan

Hello, Dan!

Thank you for your answer! I have applied default policies to All Devices Group again and it still not working.

Here is "sh tfo connesction sum output" (when i'm using remote-desktop:

Core-WAE:

172.16.99.99:3912 192.168.3.9:3389 PT Asym Client

Edge-WAE:

192.168.3.9:3389 172.16.99.99:3912 PT In Progress

here is HTTP file transfer:

Core-WAE:

Core-WAE#sh tfo connection summary

Pass-Through Connections

Local-IP:Port Remote-IP:Port Conn Type

172.16.99.99:4370 194.186.55.27:2041 PT In Progress

192.168.3.9:1757 172.16.99.99:80 PT In Progress

64.12.25.145:443 172.16.99.99:4371 PT In Progress

194.186.55.27:2041 172.16.99.99:4370 PT In Progress

172.16.99.99:80 192.168.3.9:1757 PT In Progress

172.16.99.99:4371 64.12.25.145:443 PT In Progress

Edge-WAE#sh tfo connection summary

Pass-Through Connections

Local-IP:Port Remote-IP:Port Conn Type

172.16.99.99:80 192.168.3.9:1757 PT No Peer

192.168.3.9:1757 172.16.99.99:80 PT No Peer

Dimitri,

You are missing interception somewhere, most likely at the core if you are using inline at the edge.

PT No Peer means he doesn't see a WAE at the other end of the autodiscovery session. PT Asynch Client means he only sees one side of the connection (only syn or ack).

I would double check at the edge that there isn't another link not going through the inline card. At the core, make sure you pbr statements are on both the WAN and LAN links.

Can you share your network diagram and core router(s)/WAE configs?

Dan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: