our WAAS-Appliance doesnt work correctly with Check Point Firewall. It seems that the Firewall has problems with the packets modified by WAAS. The Check Point is not between the two WAEs, but however the problem appears.
The Check Point log says that this two rules are dropping the packets: "TCP SYN Modified Retransmission" and "TCP Segment Limit Enforcement".
At the attached file you can see our topology. With the ASA-Firewall there are no problems.
Do you think disabling the two Check Point IPS rules would help us to get WAAS working?
What is exactly going on with WAAS? ( are you having trouble with an specific application ? if that is the case can you get one testing pc for getting outputs from it's connection to see what is WAAS doing to the traffic?)
I would disable WAAS for an specfic testing connection to make sure if the Check Point really does not like the traffic coming from the WAE device.
ok, as I understand your topology the firewall is on the LAN site of WAAS and it should not be a problem for WAAS discovery methods, I must be missing something ... anyways I did some research I found the following post helpful can you review it?
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...