Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

WAAS strange behavior


I have a very strange problem on the network since I put WAAS.

The architecture is as following :

Central site with access to remote sites else via MPLS operator network (provinding its routers) else via IPSec VPN with firewall.

Recently it was decided to try the WAAS solution to enhance performance on a particular remote site.

So I have one WAVE274 as manager on the central site, one WAVE474 (inline) between the network and the operator router leading to approximatively 100 remote sites, a WAVE474 on one remote site only (inline too).

All was properly functionning : Optimization and so on between the 2 WAVE474, no action for other remote sites (of course).

My problem is that access to one particular URL (really needed) from all the remote sites passing through the central WAAS box is not available anymore !!! Access to that URL is OK from all remote VPN sites and from the central site.

When putting off the WAVE474 of the central site, the URL access is regained.

I can't understand. I thought that only the traffic between 2 WAAS peers was optimized (modified) and that trafic passing through only one WAAS box was not modified (the central WAVE acting in that case as a wire).

Any idea ?

New Member

Re: WAAS strange behavior

Could anyone confirm me that traffic going through only one WAAS box should not be disrupted, please ...


Re: WAAS strange behavior

Correct, non- waas installed sites will not try and get optimized. This is because WAAS uses auto-discovery inserting an option in the TCP options field. If waas is not installed on the remote sites there should be no tcp options.

I would check to make sure you have no access-lists configured on the WAVE.

Post you configuration for others to take a look at.

Also what version are you running? Do you have VBs enabled?

New Member

Re: WAAS strange behavior


Sorry for the delay, I was not available till now.

The version used is 4.1.1.d and the configuration is the default one for inline use. I have just IP parameters for the management and I plugged the 2 inline ports without any additional config, just to see the improvement between the central site and one particular remote site.

Unfortunalely, it seems affecting all the remote sites, even those without WAAS box ...

New Member

Re: WAAS strange behavior


I have some new information, but the problem is still there ...

I tested again the problematic web site when getting through only one WAVE :

1/ My PC -> central WAVE -> LAN -> FW -> Internet

--> OK

2/ Remote Site -> ISP remote router -> ISP backbone -> ISP central router -> central WAVE -> LAN -> FW -> Internet

--> Not OK no access to the web site

3/ Remote Site -> Remote WAVE -> ISP remote router -> ISP backbone -> ISP central router -> LAN -> FW -> Internet

--> OK

I upgraded the 3 WAVE (central manager, remote + central) to version, but it was not better.

Any new idea ?

Could anyone with WAAS test the access to this web site, please ?

The URL is :

If this particular site has problem with TCP options, could we configure the WAVE not to put option just for that destination, assuming that access to other sites is OK ?

Thanks in advance

New Member

Re: WAAS strange behavior


My problem is still there.

I upgraded to the last version, as explained in my previous post but nothing better.

I created a policy to pass-through traffic to the particular site, and sometimes it works, sometimes, it doesn't.

I'd like to exempt traffic from having the TCP option set in the SYN packet because I noticed it worked only in that case, but I don't know why sometimes the wave puts it and sometimes no.

Also, could anyone test the problematic web site (with waas) to see if it works.



New Member

Re: WAAS strange behavior


Just for others who could have the same problem :

I finally modified the traffic policies in order to pass-through http traffic to the particular website and it worked.

I think there is a firewall blocking TCP options somewhere on the path.

When capturing traffic, we can see that when the TCP option is present, the connection is KO, when option is not, the connection is OK.

I'm just still wondering why WAAS puts the options every other time ...

Cisco Employee

Re: WAAS strange behavior

WAAS uses a custom TCP option to automatically discovery peer WAAS devices to optimize the connection with.  When a policy specifies that a certain type of traffic should be handled as pass-through, we don't insert the auto-discovery option.



CreatePlease to create content