cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2033
Views
0
Helpful
4
Replies

WSA - Centralized Configuration

James.Longman
Level 1
Level 1

All,

A quick question about the WSA as someone coming from the C series.

If I want to install two or three and manage them centrally what are my options? For the C series I'd probably just use the inbuilt peer-to-peer clustering unless I needed the better reporting and would then add an M series. However looking at the WSA's documents I can't find any mention of this.

Can I do the peer-to-peer setup for the WSA? I've been quoted for a 3 year licence for "Centralized Configuration Manager" (with some s370s), does that mean the peer-to-peer setup is an add-on now? Or does that mean an M series?

Thanks for any enlightenment!

J

1 Accepted Solution

Accepted Solutions

James,

Yes, it sounds like they quoted an M series box... I'd have to see the quote to be sure.

You don't "cluster" the WSA, "high availabilty" and/or load balancing is a function of how you get traffic to the box: WCCP, or failover entries in the PAC file...

To get the config in sync, you can set get each box alive on the network(nostnames, ips,joined to the domain, certificates, etc.). Set one up completely, with all of the policies, identies, etc. Save the config off the box. Its XML, so you can see the unique section at the top.. just take that section off and import it to the other boxes...

Hope that helps.

Ken

Sent from Cisco Technical Support iPad App

View solution in original post

4 Replies 4

James,

Yes, it sounds like they quoted an M series box... I'd have to see the quote to be sure.

You don't "cluster" the WSA, "high availabilty" and/or load balancing is a function of how you get traffic to the box: WCCP, or failover entries in the PAC file...

To get the config in sync, you can set get each box alive on the network(nostnames, ips,joined to the domain, certificates, etc.). Set one up completely, with all of the policies, identies, etc. Save the config off the box. Its XML, so you can see the unique section at the top.. just take that section off and import it to the other boxes...

Hope that helps.

Ken

Sent from Cisco Technical Support iPad App

Many thanks!

That's roughly what I thought. Just to double check...

  1. For a WSA if I want centralised management it means a M series (there's no P2P like the ESA has)
  2. I can still do the old XML config trick to make two boxes essentially the same
  3. And I want clustering (as in high availability, rather than centralised management) I need to look upstream to PAC/WPAD/WCCP/whatever

That's right?

Yep.

Sorry I didn't get back to you sooner - many thanks for your help one this! Spot on!