Showing results for 
Search instead for 
Did you mean: 


WAAS Express Back-to-Back

Hi Colleagues,

I'am not sure if this planed setup are valid.

We already use 2 ISR G2 (3945) connected via GRE/IPsec. Since we also extend the MPLS Core with this link to the Remote Office (need several VRF's there) MPLS / LDP ist running over the GRE Tunnel. This setup is working well for several years.

Now we try to optimize the TCP Traffic with WAAS express, we're aware that features like DRE are not supported but compression / TFO should work.

As we have used the (GRE) Tunnel-Interface as WAAS WAN Interface ("waas enable" command) but autodiscovery of the router on the other side of the tunnel doesn't work...

Maybe this is the wrong interface (the Tunnel) and we have to use the (physical) WAN Port? Or is this setup (WAAS express for a MPLS over GRE Over IPsec link) not supported at all ?

Any feedback welcome




We run IOS 152-3.T2


interface Tunnel2

description WAN

ip address <our Tunnel-IP>

ip mtu 1500

ip pim sparse-mode

ip virtual-reassembly in

ip virtual-reassembly out

ip tcp adjust-mss 1422

ip ospf mtu-ignore

mpls ip

tunnel source GigabitEthernet0/2

tunnel destination <IP of our Tunnel-Destination>

tunnel path-mtu-discovery

waas enable

parameter-map type waas waas_global
  tfo optimize dre no compression lz
  tfo auto-discovery blacklist enable
  tfo auto-discovery blacklist hold-time 1440
  cpu-threshold 70
  accelerator http-express
   no enable
  accelerator cifs-express
   no enable
  accelerator ssl-express
   no enable


sh waas status

IOS Version: 15.2(3)T2
WAAS Express Version: 2.0.0

WAAS Enabled Interface        Policy Map                             
Tunnel2                       waas_global                            

WAAS Feature License
     License Type:                           EvalRightToUse
     Evaluation total period:                8  weeks 4  days
     Evaluation period left:                 8  weeks 2  days

DRE Status                        : Disabled
LZ Status                         : Enabled
CIFS-Express AO Status            : Disabled
SSL-Express AO Status             : Disabled
HTTP-Express AO Status            : Disabled

Maximum Flows                     : 50
Total Active connections          : 0
Total optimized connections       : 0

Router-xyz#sh waas auto-discovery blacklist
Server IP           Insert Time              State         

Router-xyz#sh waas auto-discovery list     
E: Established, S: Syn, A: Ack, F: Fin, R: Reset  M: eMbryonic
s: sent, r: received, O: Options, P: Passthrough
Src-IP:Port              Dst-IP:Port              Orig-St        Term-St       

Router-xyz#show waas connection detailed
--- nothing ----

Cisco Employee

Hello Hoger,

You should enable WAAS on the L3 interface that gets the interesting traffic, so the tunnel, not the physical port.

If this is a lab environment I would start by enabling the WAAS Express debugs on the device: log debug output on the console or to a syslog server and do:

debug waas auto-discovery events

debug waas auto-discovery operations

debug waas auto-discovery error

Then try a connection. Do this of course on both routers at the same time.

Do you get an interesting messages in the logs?

Best regards, Peter

Hello Peter!

Thanks for your response.

Yes we have WAAS enabled on th Tunnel interface (and that's not working)

I've attached the output of:

sh debug
   WAAS auto-discovery events debugging is on
   WAAS auto-discovery errors debugging is on
   WAAS auto-discovery operations debugging is on
   WAAS infrastructure events debugging is on
   WAAS infrastructure errors debugging is on
   WAAS infrastructure operations debugging is on
   WAAS management events debugging is on
   WAAS management errors debugging is on
   WAAS TFO events debugging is on
   WAAS TFO errors debugging is on
   WAAS TFO operations debugging is on

But i've still no idea what's the problem....

Best regards,


Content for Community-Ad