Hi Dan,

Yes.Both WAEs see traffic. The reasons listed are PT in progress and PT no peer. As a result there are not blue boxes on the topology page.

Do both WAEs see the same traffic in the connection lists?

How are you intercepting? Can you share your topology?

I am having the same issue after upgrading to 4.1.1. I opened a TAC case over an hour ago but have not received a return call.

Can you detail what commands in CLI to use to provide the information you are requesting?

UPDATE: sh auto-discovery list

E: Established, S: Syn, A: Ack, F: Fin, R: Reset

s: sent, r: received, O: Options, P: Passthrough

Src-IP:Port Dst-IP:Port Orig-St Term-St

Edge WAE is not performing auto-discovery? Core WAE is performing auto-discovery.

The commands in 4.1 have changed to more reflect parity across the show commands and other new feature commands.

Have you got what you needed from the TAC?

Dan

TAC was able to point me in the right direction.

Great. Good luck with your deployment.

Dan

What did TAC have you do? I'm having the same problem.

For me, changes were made to routing. Multiple routes existed for the redirected traffic, it was not being intercepted properly and peer discovery was not occuring properly.

I am having the same issue. How did you find the multiple routes and what were they to? Where there multiple routes from the edge to the core or core to edge? I am going to the client tommorow hopefully thats it.

I was able to resolve my issue by changing the access list for the WCCP. I guess this is something to do with the changes when going to transperent mode. Previously I had an access list with a permit on the core to the edge networks, and at the edge I had an access list with a permit from the edge to the core networks. After the change to the transparent I had to put a permit on both sides.

So before I had an access list similar to this:

access-list 120 permit ip 192.168.1.0 0.0.255.255 192.168.2.0 0.0.255.255

access-list 120 deny ip any any

Now I have something like:

access-list 120 permit ip 192.168.1.0 0.0.255.255 192.168.2.0 0.0.255.255

access-list 120 permit ip 192.168.2.0 0.0.255.255 192.168.1.0 0.0.255.255

access-list 120 deny ip any any

A quick way to test this is just to change the WCCP to not use an access list by using the commands:

ip wccp 61

ip wccp 62

Obviously this doesn't apply if you are using WAAS inline.

we have this on the edge, where 10.32.1.0/25 is the lan side of the remote

access-list 100 permit ip 10.32.1.0 0.0.0.127 any

access-list 100 permit ip any 10.32.1.0 0.0.0.127

and this on the core so it should be good.

access-list 100 permit ip 10.32.1.0 0.0.0.127 any

access-list 100 permit ip any 10.32.1.0 0.0.0.127

However i do agree on taking the acl off to see if that it.

Just a FYI that we had rebooted both the cores one at a time and that seems to have fixed it. Weird.

yes they see the same traffic in the connection lists. Please see

below

CORE

10.12.14.7:445 10.12.20.14:4955 PT No Peer

10.12.20.69:3049 10.2.50.103:80 PT No Peer

10.12.29.158:4427 10.12.14.73:1144 PT In Progress

10.12.14.11:8080 10.12.20.62:1855 PT Server Blackli

10.12.14.14:1199 10.12.20.89:3620 PT No Peer

10.12.20.62:1785 10.12.14.7:445 PT In Progress

10.12.29.21:1256 10.2.50.97:80 PT In Progress

10.12.29.33:2248 10.12.14.6:135 PT App Cfg

10.12.29.83:4882 10.2.50.97:80 PT No Peer

10.12.14.9:1142 10.12.29.33:2241 PT In Progress

10.12.14.4:1025 10.12.20.62:1758 PT In Progress

10.12.14.14:1199 10.12.29.28:2361 PT No Peer

10.12.20.33:3448 10.12.14.3:1202 PT In Progress

10.12.20.66:4486 10.12.14.6:135 PT In Progress

10.2.50.97:80 10.12.29.83:4882 PT No Peer

10.12.14.7:445 10.12.20.90:3666 PT In Progress

10.12.29.220:2749 10.12.1.179:1433 PT In Progress

10.12.20.78:3915 10.12.14.14:80 PT No Peer

10.12.20.14:4891 10.12.14.9:1142 PT In Progress

10.12.29.25:4487 10.12.14.14:80 PT No Peer

10.2.50.97:80 10.12.29.85:4612 PT In Progress

10.12.29.56:4305 10.12.14.6:1025 PT In Progress

EDGE

10.12.20.113:3178 10.2.50.103:80 PT No Peer

10.12.14.14:1199 10.12.20.89:3620 PT No Peer

10.12.14.14:1199 10.12.20.32:1489 PT In Progress

10.12.20.62:1887 10.12.14.11:8080 PT In Progress

10.12.14.11:8080 10.12.20.62:1887 PT In Progress

10.12.20.54:1849 10.12.14.3:1202 PT In Progress

10.12.14.14:1199 10.12.20.188:3845 PT In Progress

10.12.14.236:80 10.12.20.78:3918 PT No Peer

10.12.14.4:1025 10.12.20.69:3025 PT In Progress

10.15.1.3:1154 10.12.20.35:50478 PT No Peer

10.12.14.9:1142 10.12.20.75:2770 PT In Progress

10.12.20.75:2773 10.12.14.9:1035 PT No Peer

10.12.14.7:445 10.12.20.63:1492 PT No Peer

10.12.20.75:2767 10.12.14.9:1142 PT No Peer

10.9.1.13:1390 10.12.20.13:2597 PT In Progress

10.12.14.14:1199 10.12.20.69:3055 PT In Progress

10.12.20.78:3915 10.12.14.14:80 PT No Peer

10.2.50.119:8085 10.12.20.62:1903 PT No Peer

10.12.14.9:1142 10.12.20.75:2771 PT In Progress

10.12.20.75:2680 10.9.1.13:1390 PT In Progress

10.12.20.14:4891 10.12.14.9:1142 PT No Peer

10.9.1.13:1390 10.12.20.75:2680 PT In Progress

10.12.14.11:8080 10.12.20.62:1904 PT Server Blacklist

10.12.20.78:3918 10.12.14.236:80 PT No Peer

The core wae is in a separate subnet hanging off the WAN aggregation

router and intercepting traffic using wccp

The edge wae is using wccp egress method to intercept traffic at the remote site

i am running version 4.0.17 and i dont have the command sh auto-discovery list

is there a way out here?