Showing results for 
Search instead for 
Did you mean: 

Community Manager


Welcome  to the Cisco Networking  Professionals Ask the Expert conversation.  This is an opportunity to learn how to troubleshoot and monitor Cisco Wide Area Application Services with Bhavin Yadav and Chip Schneider.  Bhavin is a Technical Support Engineer in the San Jose campus focusing on Technical Assistance Center cases raised by customers for the Cisco Wide Area Application Services (WAAS) product. Bhavin comes with 4 years of experience with WAN optimization products, which include Cisco WAAS and Riverbed. He has worked with Cisco WAAS and Web Cache Communication Protocol (WCCP) deployments for the past two years.  Chip Schneider is a Senior Customer Support Engineer within the Cisco Technical Assistance Center for the past 10 years.  As a Customer Support Engineer, he has direct interaction with customers and is responsible for troubleshooting and resolving customer impacting issues.  He has supported the Cisco WAAS solution since its inception as well as other Content Networking products, including ACNS, IPTV, CSS11000, Content Switching Module, Global Site Selector, Cisco Application Control Engine (ACE) and others. Chip has a bachelor's degree in Telecommunications Management and holds a CCNA.

Remember to use the rating system to let Bhavin and Chip know if you have received an adequate response.;

Bhavin and Chip might not be able to answer each question due to the volume expected during this event. Our moderators will post many of the unanswered questions in other discussion forums shortly after the  event. This  event  lasts through October 8, 2010. Visit this forum  often to view  responses  to your questions and the questions of other  community members.

Ryan Posey

Today we rely heavily on WAAS to keep our IPv4 networks and centralized applications performing up to end users expectations. What does Cisco have on the radar for WAAS when we begin to migrate to IPv6?  My company is beginning their push into IPv6. Since IPSec is mandatory in version 6 I am hoping IPSec is primarily going to be used for traffic integrity and not encryption of data.  Can you guys shed some light on how Cisco is progressing and how the potential for IPSec encrypted traffic will affect WAAS ability to perform CIFS, HTTP, or any other AO?

Hi Ryan,

As you may have read in the intro section that myself and Chip both are from Post Sales Technical Support Team. Hence, we do not have much visibility to what's coming up in the future.

But, I would say that WAAS PM team is monitoring and watching this forum closely and I am sure they have taken a note of this. It's not only WAAS but Cisco as whole is looking forward to IPv6 in the very near future. But unfortunately, Product Management is not our domain of expertise and hence, can not answer this question under this Expert event.

The best person to answer this question is your Cisco Sales Account Team person.

If you have any questions / assistance required for troubleshooting / monitoring WAAS appliances, feel free to post them here as we will do our best to answer them.




I am getting following error message on my WAAS. Does it mean that CIFS acceleration has issues?

2010 Sep 22 11:49:05 WAAS Sysmon: %WAAS-SYSMON-3-445005: Fault detected: CIFS accelerator keepalive failure. 

2010 Sep 23 18:32:47 -WAAS kernel: %WAAS-SYS-3-900000: Policy Engine: (pe_keepalive_accl_cmd) MAPI (4) accelerator state changed from TIMEDOUT to REGISTERED.

2010 Sep 23 14:32:58 -WAAS Sysmon: %WAAS-SYSMON-3-445005: Fault detected: MAPI accelerator keepalive failure. 

2010 Sep 23 18:34:06 -WAAS kernel: %WAAS-SYS-3-900000: Policy Engine: (pe_keepalive_accl_cmd) MAPI (4) accelerator state changed from TIMEDOUT to REGISTERED.

2010 Sep 23 14:35:28 -WAAS Sysmon: %WAAS-SYSMON-5-445011: Fault cleared: MAPI accelerator keepalive failure. 

2010 Sep 23 18:47:43 -WAAS kernel: %WAAS-SYS-3-900000: Policy Engine: (pe_keepalive_accl_cmd) CIFS (3) accelerator state changed from TIMEDOUT to REGISTERED.

Hi Steve,

CIFS Keep alive failures could could just be due to a busy device or bandwidth issues on wan side. These messgaes does not mean that CIFS is going down. Further looking at the timeline, it looks like you are getting this intermittent which is usual during peek hours. if you get these messages more frequently, it may be something that we need to look at otherwise, for now, it looks to be normal.



My WAE-512 lost power and it shows offline in CM. When I log in from telnet, It says – disk based software not installed.  How can I recover the unit?


cscStage J Millers personalized signature

In general you may simply be able to re-install the software using the 'copy ftp install' command.  However,

you may possibly have a bad disk or some other issue with the hardware since you experienced a power

outage.  You should try reinstalling the software and if this doesn't resolve it open a service request.

Hope this helps.




After an upgrade our 674 has 8GB memory but only 3GB is available for Virtual Blades, we'd like to have 2 Blades with 2GB each, is it possible to reallocate the memory?

Thanks, Jim


The short answer is no, there's no way to allocate more memory for this.

The amount of memory allocated for virtual blades is based upon the entire

memory in the device.  For the WAE-674 with 8GB the maximum memory

available for VB is 3GB.

From this datasheet the WAE 674 can support up to 6 virtual blades

(Virtual blade sizing assumes 0.5 GB of RAM per virtual blade).





I lost administrator password for my WAE, though it shows registered in WAE and it is online. How can I recover the lost administrator password. Can I do that without affecting the production traffic going thru the unit?


cscStage J Millers personalized signature


It is not possible to recover the lost administrato password without reloading the module.

Here is the rest of the process.

The NME-WAE rescue procedure requires that a console session to the NME-WAE be established on the ISR, reboot the NME-WAE, and then interrupt the boot sequence to change bootflag to disable login security.  Here are the steps:

Step 1. Factory reset the NME service module:

Rtr1-client#service-module integrated-Service-Engine 1/0 reset      
Use reset only to recover from shutdown or failed state
Warning: May lose data on the hard disc!
Do you want to reset?[confirm]
Trying to reset Service Module Integrated-Service-Engine1/0.

Step 2. Console into the NME service module:

Rtr1-client#service-module integrated-Service-Engine 1/0 session clear
Rtr1-client#service-module integrated-Service-Engine 1/0 session    
Trying, 2066 ... Open

Step 3. At the following prompt, interrupt boot squence and set boot flags to disable login security:

WAAS boot: hit RETURN to set boot flags: 0005Available boot flags (enter the sum of the desired flags):
  0x0000 - exit this menu and continue booting normally
  0x2000 - ignore Carrier Detect on console
  0x4000 - bypass nvram config
  0x8000 - disable login security
[WAAS boot - enter bootflags (type '-' to exit)]: 0x8000
You have entered boot flags = 0x8000
Boot with these flags? [yes]:

Step 4. When the WAE completes the boot sequence, you are prompted to enter the username to access the CLI.

Cisco Wide Area Application Engine Console
Username: admin
System Initialization Finished.

Setting the configuration flags field to 0x8000 lets you into the system, bypassing all security.

Setting the configuration flags field to 0x4000 lets you bypass the NVRAM configuration.

Step 5. Once you see the CLI prompt, set the password for the user using the user modify username name password new-password command in the global configuration mode.

Step 6. Use the write command to save the configuration change.


in a simple design we have a branch office with users and a wae and a datacenter with servers and another wae. if a user A download a file A this file will be saved on the datacenter and branch waes. if a user B download the same file A, will this file come from branch wae? Or datacenter wae? Or a new copy of file A will come from the server? I asking it because I heard that waas do not permit the download of file A from user A to another user, even if this file is the file?


This answer to this is a little more complicated.  WAAS offers a couple of different methods of caching

and it all depends on the transport and accelerator in use.

If user A is mapping a CIFS share and downloading a file (assuming the client/server doesn't require

digital signatures) then once the file is downloaded by the user the file is cached on the branch WAE.

If user B maps the same CIFS share and requests the same file it can be served from the branch

WAE to user B (there is still CIFS communication back to the file server, permission checks,

concurrency checks, etc.) and user B will notice a pretty robust file transfer.  This type of caching

occurs when hitting the CIFS accelerator.

If the file is retrieved by another method (say HTTP) then the caching mechanism involved is

DRE (data redundancy elimination).  In this case, the DRE cache is populated on both

the core WAE and the branch WAE, and when user B requests the same file, the request

still goes to the origin server but instead of transferring the entire file across the WAN

signatures are sent from the core WAE to the edge WAE and the edge WAE recreates

the data chunks and delivers the data to the client.  In this fashion user B is getting

improved performance on the second request for this file.  DRE caching does not

cache entire files, rather it is caching data chunks.

I hope this helps.