10-27-2007 10:30 AM
I am looking for the correct placement of WAE 512 appliances. I have a data center where WAAS Central Manager and WAE 512 Core appliances will be installed. The Data center will be set up as follows:
1841 rtr xover to PIX515e xover to WAAS Core strait through to LAN switch.
At one remote site I will setup WAE 512 WAAS edge in the following manner:
1841 rtr xover to PIX506e xover to WAAS Edge straight through to LAN Switch. I have a site to site ipsec VPN tunnel between the two PIX Firewalls. Does this configuration seem appropriate or have I missed something?
Additionally, I have ver 6.3 on both PIX's and am wondering about the config for that IOS ver.
Thanks in advance
10-27-2007 11:15 PM
i'm not sure 100% you should configure pix to inspect waas traffic by commands
policy-map global_policy
class inspection_default
inspect waas
service-policy global_policy global
but it work in version 7.2.3 of pix or ASA firewall
10-27-2007 11:20 PM
I will try that config, but i will likely need to upgrade to get it to work.
As for your topology, you have WAAS between your ASA and LAN switch? with the WAAS connected to ASA via Cross over cable and straight through to the switch?
10-31-2007 07:47 AM
You have to run 7.2(3) Code for the "fixup" so the remote site with the 506E isn't going to work. You can make it work by basically disabling all firewall capabilities in the 6.3(x) releases, but not recommended.
10-31-2007 11:35 AM
Exactly what I discovered. So, I purchased an ASA 5505 to replace the PIX 506e and had to upgrade it from 7.2 (2) to 7.3 (3). I will be upgrading the PIX 515 e Friday night and will be installing equipment at the remote site on Sunday. I'll let you know how it goes.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide