Waas noob problems

Answered Question
Feb 26th, 2010


Just installed a waas solution. The first one ;-)

A 674 on central site with a 274 as central manager.

One 574 in the company China department.

Both 674 and 574 is inline. Software version 4.1.5c

Everything looks ok in the central manager but no acceleration takes place.

All traffik are seen as Pass-Through.

What is the minimum configuration to start optimization ?

Links between the sites is ASA Vpn's

Please help ;-)


I have this problem too.
0 votes
Correct Answer by Zach Seils about 6 years 7 months ago

Do you have WAAS inspection enabled on the ASA firewalls?  Take a look at the attached document for configuration details.



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Zach Seils Fri, 02/26/2010 - 12:04

Can you provide a topology diagram?  I am specifically interested in the location of the firewalls relative to the WAAS device.


pbuch Fri, 02/26/2010 - 12:10

In both ends, the waas devises are directly on the inside of the asa boxes.

ASA to switch vlan 900 and through Waas to inside vlan.

Central manager records traffik, but "blue" all Traffic Pass-Trough


pbuch Fri, 02/26/2010 - 23:56

I have now !!

And its nice to se some optimization :-)

Testing now


pbuch Sun, 02/28/2010 - 05:09

So far the tests looks good.

Monday will tell :-)

The link is from Denmark to China, limited by a 10Mbit connection in China and 200-300ms delay.

Primary "problem" is opening files over the link, and remote desktop (MS terminal service) and an AS400 applikation (telnet ?)

I guess that there is very little that can be done with remote desktop and telnet.

Any hints about what i should change from default ?


pbuch Mon, 03/01/2010 - 04:22

When testing i get some strange results.

Transferring 50Gb file to China takes 14minutes without the waas boxes, strangely it altso takes 14 minutes with the waas.

Transfering the same file from China to Denmark takes 7 minutes without waas and only 4 minutes with the waas boxes.

Second time transfer is instant both directions as the file gets cached.

It's like transfer to china dosent get accelerated but only cached.

Looking at the connections i can't se a difference.

any ideas ?


Zach Seils Mon, 03/01/2010 - 06:54

How are you performing the file transfer?  Can you please post the output of the command sh stat conn while the transfer is



pbuch Tue, 03/02/2010 - 04:02

After some work and a "clear cache cifs" it seem like everything is in fine condition now.

In fact i am a little impressed by CIFS performance ;-)

Any hints about rdp optimizing ?


Zach Seils Tue, 03/02/2010 - 06:29

You can disable the native RDP encryption/compression and change the WAAS policy to "Full Optimization".  To disable compression on the RDP configuration file, follow these  steps:

  1. Open the RDP connection (.rdp) file in  Notepad
  2. Change the line compression:i:1to compression:i:0
  3. Save the file

After the change is made, any new connection using the changed file  will not use RDP compression.

The following steps are used to disable encryption on Windows  virtual desktops:

  1. Set  HKLM\System\CurrentControlSet\Control\Terminal  Server\WinStations\RDP-Tcp\MinEncryptionLevel to 1.
  2. Create HKLM\System\CurrentControlSet\Control\Terminal  Server\WinStations\RDP-Tcp\SecurityLayer as a DWORD value and set it to  0.
  3. After editing the registry restart the virtual machine. The  registry settings take effect only after a reboot.

Large deployments should use Microsoft Active Directory to push these  changes to the virtual desktops.  Note: On Windows XP 32 bit Virtual Desktop Machines, a hot-fix  from Microsoft was used to add capability to disable RDP protocol  encryption. However, this hot-fix was not required to disable RDP  protocol encryption on Windows XP 64-bit and Windows Vista desktops.  The hot-fix is available for download from the following Microsoft  download page http://support.microsoft.com/default.aspx?scid=kb;EN-US;956072.



pbuch Tue, 03/02/2010 - 07:09

That needs to be tested :-)

Guess that the difference is marginal, but anything can be usefull.

I would like to expand the setup with some WAVE-274 on the smaller sites.

Can they handle traffic to 3-4 sites ?

Whats the limit with these small boxes ?


Zach Seils Tue, 03/02/2010 - 07:39

Our tests with RDP show that the compression ratios can be quite high (upwards of ~70%), so the improvement isn't insignificant.

In terms of the WAVE-274, it is targeted for WAN links up to 2Mbps and 200 concurrent optimized connections.  While the WAVE-274 isn't intended for full mesh environments, 3-4 peers should be fine.




This Discussion