03-12-2007 06:06 PM
Hello Friends,
I have setup a test WAAS setup. The remote site connects to the main site through a site-to-site VPN connection. Cisco 1841 router is doing WCCP redirection at the remote end without any access lists. So all the traffic is being intercepted. I have set it up as explained in the WAAS quick config guide. File services are working fine but email, http and citrix traffic is being blocked somewhere in the network. This means WAFS is working but application acceleration is not at all working.. When I disable WCCP, everything works.
What am I doing wrong here?
thanks
Ankit
Solved! Go to Solution.
03-23-2007 07:57 AM
Ankit,
Per Cisco the
Minimum Recommended Versions (IOS Routing Platforms) for WCCP w/ WAAS are
M Train
12.4(10)
T Train
12.4(9)T1
You might want to try upgrading your IOS to 12.4(10) or the T train if possible. I would start there.
Found these caveats on 12.4 code
?CSCuk61396
Symptoms: WCCP service redirection may not work. In particular, packets that are rejected by a third-party vendor appliance device and are returned to the router for normal forwarding may be discarded.
Conditions: This symptom is observed on a Cisco router when NAT or Cisco IOS Firewall features are enabled on the same interfaces that have WCCP enabled.
Workaround: There is no workaround.
HTH
Mike
03-20-2007 05:58 PM
Ankit,
It sounds like you might have a routing loop. Does this DOS on application traffic affect pings as well or is it just tcp application traffic that is affected? Where are you applying redirect statements at the remote site and at the core?
Can you post a drawing of your traffic flow between client and server and configs if possible?
As a general rule i always use redirect ACLs to prevent certain traffic - TACACs for example from getting looped in HA routing scenarios. All depends on your topology though.
03-20-2007 06:47 PM
Hi Michael,
My access lists are just permitting tcp traffic to and from that remote site. I can VNC to a machine on that site but my session doesn't last longer than a few seconds.
I changed my application policies to bypass email,http and vnc traffic and things started working fine. But this destroys the purpose of application acceleration, doesn't it?
Then I tried running PBR as opposed to WCCP version2 and guess what, everything worked using the same access-list I had. Which is why is said WCCP breaks application traffic.
I posted this query more than 15 days ago and no one seemed to reply. Luckily, I happened to figure out a solution and since you took the effort to reply to my post I thought I would share it with you.
thanks for your reply
Ankit
03-22-2007 06:09 AM
What versions of IOS are you using? I know there are issues with earlier revs that could cause issues.
Are you dual homing your WAEs anywhere in the topology? Are the WAEs on seperate ip subnets at each site or on the same subnet where the clients are located?
03-22-2007 04:51 PM
Hi Michael,
The WAE's are sitting on a separate subnet at each site. I read the requirements for WAAS setup which mentions having a separate subnet for the WAE.
IOS version on the 1841 router:
Version 12.4(1a), RELEASE SOFTWARE (fc2)
Ankit
03-23-2007 07:57 AM
Ankit,
Per Cisco the
Minimum Recommended Versions (IOS Routing Platforms) for WCCP w/ WAAS are
M Train
12.4(10)
T Train
12.4(9)T1
You might want to try upgrading your IOS to 12.4(10) or the T train if possible. I would start there.
Found these caveats on 12.4 code
?CSCuk61396
Symptoms: WCCP service redirection may not work. In particular, packets that are rejected by a third-party vendor appliance device and are returned to the router for normal forwarding may be discarded.
Conditions: This symptom is observed on a Cisco router when NAT or Cisco IOS Firewall features are enabled on the same interfaces that have WCCP enabled.
Workaround: There is no workaround.
HTH
Mike
03-26-2007 02:38 PM
Hi Mike,
I tried the same config on a 1841 router with IOS Version 12.4(11)T. Everything works as normal. Thanks for your help.
cheers
Ankit
03-28-2007 10:08 AM
Awesome :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide