Table Of Contents
Cisco Wide Area Application Services Quick Configuration Guide
Network Configuration Overview
Summary of the Configuration Process
Checklist for Configuring a WAAS Network
Configuring the WAAS Central Manager
Configuring the WAEs for Inline Interception
Configuring WCCP on WAAS Network Modules
Configuring WCCP on the Routers
Accessing the WAAS Central Manager GUI
Verifying Application Acceleration
Changing the Administrator Password
Obtaining Documentation and Submitting a Service Request
Cisco Wide Area Application Services Quick Configuration Guide
Software Version 4.2.1June 22, 2010This document describes how to perform a basic configuration of a Wide Area Application Services (WAAS) network that uses inline mode or Web Cache Communication Protocol (WCCP) and has three WAAS devices:
•WAAS Central Manager
•Data Center Wide Area Application Engine (WAE)
•Branch WAE
Basic configuration settings are configured using the WAAS setup utility.
This document also shows how to verify that the WAAS application acceleration feature is working properly after you have completed a basic configuration of your WAAS network.
Throughout this document, the term WAAS device is used to refer collectively to WAAS Central Managers and WAEs in your network. For detailed command syntax information for any of the CLI commands that are mentioned in this document, see the Cisco Wide Area Application Services Command Reference.
This document contains the following sections:
•Network Configuration Overview
•Obtaining Documentation and Submitting a Service Request
Network Configuration Overview
This section provides an overview of the basic configuration of a WAAS network. It contains the following topics:
•Network Configuration Example
•Summary of the Configuration Process
•Checklist for Configuring a WAAS Network
Network Configuration Example
The example WAAS network configuration shown in Figure 1 contains one WAAS Central Manager device and two WAEs that will be centrally managed through the WAAS Central Manager device. The WAEs contain Cisco WAE Inline Network Adapter cards and are deployed inline between the WAN routers and the clients or servers.
Figure 1 WAAS Network Configuration
Note Position the WAEs directly in the traffic path between the router and the clients or file servers. The WAEs intercept traffic directly through the interfaces on the Cisco WAE Inline Network Adapters and redirection is not needed.
When you install any inline WAE device, you must follow the cabling requirements described in the "Cabling" section of the "Installing the Cisco WAE Inline Network Adapter" document located on Cisco.com.
Note We strongly recommend that you do not use half-duplex connections on the WAE or on routers, switches, or other devices. Use of half duplex impedes the system's ability to improve performance and should not be used. Check each Cisco WAE interface and the port configuration on the adjacent device (router, switch, firewall, WAE) to verify that full duplex is configured.
The WAAS Central Manager must run on a dedicated appliance. You should install the WAAS Central Manager on a dedicated appliance that is located in your data center so that the WAAS Central Manager device is in the same physical location as your data center's web, file, and application servers.
Note You cannot configure the device mode as Central Manager on a WAE network module (NME-WAE) device.
Summary of the Configuration Process
The following steps summarize the tasks that are required to perform a basic configuration of a WAAS network:
1. Configure the basic network settings and define the primary interface and device mode for each of the WAEs by using the setup utility and the WAAS CLI, beginning with the WAAS Central Manager. You are given the choice to run diagnostics in the setup utility to verify the success of your configuration once all settings have been applied. See the "Configuring the WAAS Network" section.
The setup utility includes choosing and enabling an interception method: WCCP or inline. We recommend inline interception for the easiest set up. If you choose WCCP, the setup utility prompts you for a list of intercepting routers and enables TCP promiscuous mode on the WAEs.
2. (Optional) If you are using WCCP interception, configure WCCP Version 2 on the routers as described in the "Configuring WCCP" section. This step is not required if you are using inline mode and WAEs with the Cisco WAE Inline Network Adapter installed.
3. Access the WAAS Central Manager GUI to manage and monitor your WAAS network. See the "Accessing the WAAS Central Manager GUI" section.
4. Verify that the WAAS application acceleration is working properly. See the "Verifying Application Acceleration" section.
5. Change the password for the predefined superuser account. See the "Changing the Administrator Password" section.
For detailed command syntax information for any of the CLI commands that are mentioned in this document, see the Cisco Wide Area Application Services Command Reference.
Checklist for Configuring a WAAS Network
This section contains the following topics for configuring your WAAS network:
Network System Parameters
Table 1 specifies the different parameters and data needed to set up and configure the WAAS network. For your convenience, you can enter your values in the table and refer back to it when configuring the WAAS network.
Setup Utility
The following restrictions, recommendations, and requirements apply to the WAAS setup utility:
•Designed for basic WAE configuration on new installations only (otherwise the running configuration of the existing system is not reflected in the tool)
•Requires a minimum 25 row x 80 column terminal window for proper display (terminal length, if configured, must be 24)
•For hyper terminal, the emulation should be set to vt100 so that all lines show up properly (input translation should be set to Shift-JIS on the File > Properties menu
•Console logging should be disabled when executing the setup utility from the CLI to avoid system message flooding on the screen
•After a restore factory-default, the user is encouraged to run the setup utility (and is prompted with the option to do so)
Configuring the WAAS Network
To perform a basic configuration of a WAAS network that includes one WAAS Central Manager and two WAEs, perform the procedures in the order that they are presented in the following sections:
•Configuring the WAAS Central Manager
•Configuring the WAEs for Inline Interception
•Accessing the WAAS Central Manager GUI
•Verifying Application Acceleration
•Changing the Administrator Password
Note The setup utility is designed for basic WAE configuration only on new installations (not previously configured). If it is run on existing systems, the existing running configuration is not reflected in the tool and could be modified.
Configuring the WAAS Central Manager
To install and configure the WAAS Central Manager device, follow these steps:
Step 1 In the data center, unpack and connect the first WAAS device that you want to configure as the WAAS Central Manager device. You must set the port to which the WAE is connected to full duplex. For hardware installation instructions, see the hardware installation guide for the WAAS device.
Step 2 Power up the first WAAS device in the data center and open a console connection to configure the basic device network settings (see Table 1) for the WAE.
Note If you are connecting to the WAAS device using a PC as the console, the PC must have terminal emulation software installed. The terminal emulation software should be configured with the following parameters: 9600 baud, 8 data bits, no parity bits, and 1 stop bit.
You must use a console connection rather than a Telnet session for the initial configuration of these basic device network settings on the WAE. Once you have used a console connection to define the device network settings, you can use a Telnet session for subsequent CLI sessions. By default, the Telnet service is enabled on a WAAS device.
Step 3 When a WAAS device starts up, you are prompted to run the first-time setup utility, which you use to set up the basic configuration for the device. When prompted, press Enter and then enter the administrator password, which is default.
The configuration prompt waits several seconds before proceeding with the WAE setup sequence.
If you want to quit the setup utility, you can press Esc at any time. For help, enter the ? key.
Note If you do not press Enter in time to enter the basic configuration, you will need to log into the WAAS device through the terminal console and run the setup EXEC CLI command to manually invoke the setup utility. When you log in, the username is admin and the password is default.
Step 4 The default values for the basic configuration of the device are listed. Enter n at the first prompt to change the default settings or, to change a specific parameter, select the index number. You must change the defaults to configure a WAAS Central Manager.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Press `y' to select above defaults, `n' to configure all, <1-6> to changespecific default [y]:Step 5 Select the Device Mode as prompted. For example, choose central-manager as the device mode that you want to configure on the WAAS device.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
1. Application Accelerator
2. Central Manager
Select device mode [1]:
2Step 6 Enter the Time Zone of the device. The number of hours offset from UTC (rounded down to the nearest whole number), and the number of minutes of any partial hour of offset. For example, if your time zone offset is -3:30, then you would set -3 for the hours offset and 30 for the minutes offset.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enter Time Zone <Time Zone Hours (-23 to 23) Minutes (0-59)> [UTC 0 0]:
EST -5 0Step 7 Select the Management Interface of the device.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
NO INTERFACE NAME1: GigabitEthernet 1/02: GigabitEthernet 2/0Select Management Interface [1]: 1You can accept the default choice (shown in brackets) at a prompt by pressing Enter.
Step 8 Configure Autosense for Management Interface.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enable Autosense for Management Interface? (y/n) [y]:Step 9 If you have Dynamic Host Control Protocol enabled in your network, enable DHCP on the WAAS device interface.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enable DHCP for Management Interface? (y/n) [y]:Step 10 Select the Management Interface Speed.
Note This option as available only if management interface Autosense is disabled.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
1. 10002. 1003. 10Select Management Interface Speed [1]:Step 11 Enter the Management Interface IP Address.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Management Interface IP Address<a.b.c.d or a.b.c.d/X (optional mask bits)> [Not configured]:Step 12 Enter the Management Interface IP Mask.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Management Interface IP Mask [Not configured]:Step 13 Enter the Default Gateway IP Address.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Default Gateway IP Address [Not configured]:Step 14 Enter the Domain Name Server IP Address.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Domain Name Server IP Address [Not configured]:Step 15 Enter the Domain Names.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Domain Name(s) [Not configured]:Step 16 Enter the Host Name.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Host Name [None]:Step 17 For the Network Time Protocol (NTP) server, we recommend that you enter the IP address of an NTP server, because clock synchronization between the WAEs in a WAAS network is important.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter NTP Server IP Address [None]: 172.19.228.200Step 18 Select the licenses that you purchased.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
The product supports the following licenses:1. Enterprise2. Enterprise & VideoEnter the license(s) you purchased [2]:Step 19 Write down the IP address of the WAAS Central Manager for future reference. You will need it to launch the WAAS Central Manager GUI, which you will use later in the "Accessing the WAAS Central Manager GUI" section.
Hit <F2> to see all of the configuration, enter d to toggle the defaults display, or enter a number to change a specific parameter. (See Figure 2.)
Figure 2 Central Manager Config
Step 20 Enter y when you are ready to apply the final configuration. The device is then visible on the network and it can be pinged.
Step 21 After specifying the basic network parameters for the designated WAAS Central Manager, the configuration changes are saved automatically and you are given the option to reload the system so that the new configuration will take effect.
Shutting down all services, will Reload requested by CLI@ttyS0.
Restarting system.
The system reboots. The WAAS Central Manager configuration that you just configured is loaded on the WAAS device named waas-cm, which has now been designated as a WAAS Central Manager.
Step 22 When prompted, enter the administrator username (admin) and password (default) and press Enter.
Username:
adminPassword:
System Initialization Finished.
The initial configuration of the WAAS Central Manager is completed. The next step is to initially configure and register the other two WAAS devices (the data center WAE and the branch WAE) with this WAAS Central Manager. See the "Configuring the WAEs for Inline Interception" section for details.
Running Diagnostics
Once your configuration has been applied, you are given the choice to run the diagnostic utility to verify connectivity. (See Figure 3.)
Note If diagnostics fail because of transient configurations, such as before a DHCP server has completed learning, you can run diagnostics manually using the test self-diagnostics all EXEC CLI command.
Figure 3 Configuration Diagnostics
Certain configuration properties including basic configuration, connectivity, interface link properties, and TFO configuration. (See Figure 4.)
Note Invalid IP addresses (Central Manager or WCCP router list) can lead to long delays when testing connectivity.
Figure 4 Diagnostics
Di
Configuring the WAEs for Inline Interception
This section describes configuring WAEs that have the Cisco WAE Inline Network Adapter installed. If you are using WAEs (or WAE network modules) that are using WCCP interception, see the section "Configuring WCCP" section.
To install and configure the WAAS WAE devices, and register them with the WAAS Central Manager, follow these steps:
Step 1 In the data center, unpack and connect the second WAAS device that you want to configure as the data center WAE in the WAAS network. You must set the port to which the WAE is connected to full duplex. For hardware installation instructions, see the hardware installation guide for the WAE.
Note We strongly recommend that you do not use half-duplex connections on the WAE or on routers, switches, or other devices. Use of half duplex impedes the system's ability to improve performance and should not be used. Check each Cisco WAE interface and the port configuration on the adjacent device (router, switch, firewall, WAE) to verify that full duplex is configured.
Step 2 Power up the designated data center WAE and open a console connection.
Step 3 When a WAAS device starts up, you are prompted to run the first-time setup utility, which you use to set up the basic configuration for the device. When prompted, press Enter and then enter the administrator password, which is default.
The configuration prompt waits several seconds before proceeding with the WAE setup sequence.
If you want to quit the setup utility, you can press Esc at any time.
Note If you do not press Enter in time to enter the basic configuration, you will need to log into the WAAS device through the terminal console and run the setup EXEC CLI command to manually invoke the setup utility. When you log in, the username is admin and the password is default.
Step 4 The first step of the setup utility displays a default configuration and allows you to enter `y' to accept the default values, `n' to configure all, or enter a number to change a specific parameter.
Parameter Default Value1. Device Mode Application Accelerator2. Interception Method Inline3. Time Zone UTC 0 04. Management Interface InlineGroup 1/15. Autosense EnabledESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Press `y' to select above defaults, `n' to configure all, <1-6> to change specific default [y]:If you use the default settings, the setup utility skips configuration of the parameters in the following steps.
Step 5 Enter the required information as prompted by the setup utility (see Table 1). For example, choose application-accelerator as the device mode that you want to configure on the WAAS device. You can accept the default choice (shown in brackets) at a prompt by pressing Enter.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
1. Application Accelerator2. Central ManagerSelect device mode [1]:
1Step 6 Choose the interception method. The default method is normally the correct one to choose because it is automatically set to inline if a Cisco WAE Inline Network Adapter is installed or WCCP otherwise. Choose other if you want to use PBR interception or redirection from a Cisco Application Control Engine (ACE) or Catalyst 6500 series Content Switching Module (CSM).
1. Inline2. WCCP3. OtherSelect Interception Method [1]: 1
Note When using inline interception, we recommend configuring a routable IP address on the Cisco WAE Inline Network Adapter interface. Though it is possible to configure no IP address on the Cisco WAE Inline Network Adapter interface, directed mode operation will not work without an IP address. For more information on using directed mode, see the section "Configuring Directed Mode" in the Cisco Wide Area Application Services Configuration Guide.
Step 7 Choose the interface to configure as the management interface, for communicating with the WAAS Central Manager. With the Cisco WAE Inline Network Adapter, you can choose to share one of the inline interfaces for management traffic or you can use one of the built-in Gigabit Ethernet interfaces (out-of-band management).
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
NO INTERFACE NAME1: InlineGroup 1/12: InlineGroup 1/03: GigabitEthernet 1/04: GigabitEthernet 2/0Select Management Interface [1]: 1When you are prompted for the IP address of the interface, the IP address that you enter is used for the management interface that you chose in this step.
Step 8 If you chose inline as the interception method, when you are prompted to enter the VLAN ID, enter a VLAN ID between 1 and 4094, or if you are not using VLAN tagging, enter none.
Enter VLAN ID for InlineGroup IP(Range:1-4094) [none]:If the WAE with the Cisco WAE Inline Network Adapter is present in an 802.1Q VLAN trunk line between a switch and a router, and you are configuring an inline interface with an IP address, you must set the VLAN ID that is to be assigned to traffic that leaves the WAE. The VLAN ID should be set to match the VLAN ID expected by the router.
Continue to answer the questions displayed in the setup utility.
Step 9 If the management interface is a GigabitEthernet interface, then you are prompted to select an inline group to be used for interception, choose the inline group.
1. InlineGroup 1/02. InlineGroup 1/1Select interface for inline interception:Step 10 When you are prompted to choose a license, choose the licenses that you have purchased for use on your WAE. Activating the appropriate licenses is required for various acceleration features to operate. All licenses are not supported on all WAE models.
The product supports the following licenses:1. Transport2. Enterprise3. Enterprise & Video4. Enterprise & Virtual blade5. Enterprise, Video & Virtual bladeEnter the license(s) you purchased [2]:Step 11 If you chose WCCP as the interception method, the setup utility displays a set of example router configurations for your convenience. These configurations are the same configurations that are described in the "Configuring WCCP on the Routers" section. Press Enter to continue.
Step 12 When finished, the configuration is displayed. Enter d to toggle the defaults display, or enter a number to change a specific parameter. (See Figure 5.)
Figure 5 WAE Config—Inline
Enter y to select the configuration. If you choose not to accept the configuration, you have the option to go through the setup questions again and reenter the values. Your previous values are used as the defaults.
Step 13 Once you apply the changes, the configuration is saved automatically and you are given the option to reload the system so that the new configuration will take effect.
Shutting down all services, will Reload requested by CLI@ttyS0.
Restarting system.
Note If a CM address has been configured and the device mode has changed from the current running device mode (show device-mode running), cms enable is automatically configured by the system (node manager) within 5 minutes after the reboot.
The system reboots and the device is then visible on the network and it can be pinged.
If you want to check the current running configuration on the WAE, you can use the show running-config EXEC command.
The initial configuration of the data center WAE is completed. The next step is to initially configure and register the designated branch WAE with the WAAS Central Manager device. Repeat the procedure in this section with the WAE in the branch office; the configuration is identical.
If you are using inline mode for the WAEs, you are finished with network configuration and you can proceed with the "Accessing the WAAS Central Manager GUI" section.
If you are using WCCP interception, the next step is to configure WCCP. See the next section for details.
Configuring WCCP
Note Do not configure WCCP if you are using inline mode and a WAE with the Cisco WAE Inline Network Adapter installed, because WCCP will prevent inline mode from operating. With inline mode, traffic is directly intercepted and redirection is unnecessary. Skip to the "Accessing the WAAS Central Manager GUI" section.
If your network configuration is using WCCP instead of inline interception, WCCP provides the method to transparently redirect client requests to a WAE for processing. Figure 6 shows an example WAAS network configuration using WCCP.
Figure 6 Example WCCP Network Configuration
To configure basic WCCP, you must enable the WCCP service on at least one router in your network and on your WAEs. It is not necessary to configure all of the available WCCP features or services to get your WAEs up and running.
In this configuration example, because there is a data center WAE and a branch WAE in the WAAS network, you must configure WCCP Version 2 on four devices, as follows:
•Data Center WAE—To configure WCCP on the data center WAE, see the "Configuring WCCP on the WAEs" section.
•Branch WAE—To configure WCCP on the branch WAE, see the "Configuring WCCP on the WAEs" section.
•Data Center Router—To configure WCCP on the data center router, see the "Configuring WCCP on the Routers" section.
•Branch Router—To configure WCCP on the branch router, see the "Configuring WCCP on the Routers" section.
Note You must configure these devices to use WCCP Version 2 instead of WCCP Version 1 because WCCP Version 1 supports web traffic (port 80) only. For more information on WCCP configuration, see the Cisco Wide Area Application Services Configuration Guide.
The following WCCP procedures are included in this section:
•Configuring WCCP on WAAS Network Modules
•Configuring WCCP on the Routers
Configuring WCCP on the WAEs
This section describes configuring WAEs that are using WCCP. If you are using WAEs that have the Cisco WAE Inline Network Adapter installed, see the section "Configuring the WAEs for Inline Interception" section.
Note If one of the WAE devices that you are configuring is a network module (NME-WAE) installed in a Cisco access router, you must configure its basic network settings using the access router CLI, not by using the WAAS CLI as described in this section. For details, see the document Configuring Cisco WAAS Network Modules for Cisco Access Routers.
After you configure basic network settings, and open a session to the network module, you can use the procedures in this section to configure other basic settings. The setup utility skips the questions on device mode (only application accelerator can be used) and basic network configuration, which is provided by the router configuration. For basic WCCP configuration, see the section "Configuring WCCP on WAAS Network Modules" section.
To install and configure the WAAS WAE devices with WCCP, and register them with the WAAS Central Manager, follow these steps:
Step 1 In the data center, unpack and connect the second WAAS device that you want to configure as the data center WAE in the WAAS network. You must set the port to which the WAE is connected to full duplex. For hardware installation instructions, see the hardware installation guide for the WAE.
Note We strongly recommend that you do not use half-duplex connections on the WAE or on routers, switches, or other devices. Use of half duplex impedes the system's ability to improve performance and should not be used. Check each Cisco WAE interface and the port configuration on the adjacent device (router, switch, firewall, WAE) to verify that full duplex is configured.
Step 2 Power up the designated data center WAE and open a console connection.
Step 3 When a WAAS device starts up, you are prompted to run the first-time setup utility, which you use to set up the basic configuration for the device. When prompted, press Enter and then enter the administrator password, which is default.
The configuration prompt waits several seconds before proceeding with the WAE setup sequence.
If you want to quit the setup utility, you can press Esc at any time.
Note If you do not press Enter in time to enter the basic configuration, you will need to log into the WAAS device through the terminal console and run the setup EXEC CLI command to manually invoke the setup utility. When you log in, the username is admin and the password is default.
Step 4 The first step of the setup utility displays a default configuration and allows you to enter `y' to accept the default values, `n' to configure all, or enter a number to change a specific parameter.
Parameter Default Value1. Device Mode Application Accelerator2. Interception Method WCCP3. Time Zone UTC 0 04. Management Interface Gigabit Ethernet 1/05. Autosense Enabled6. DHCP EnabledESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Press `y' to select above defaults, `n' to configure all, <1-6> to change specific default [y]:If you use the default settings, the setup utility skips the configuration of some of the parameters in the following steps.
Step 5 Enter the required information as prompted by the setup utility (see Table 1). For example, choose application-accelerator as the device mode that you want to configure on the WAAS device. You can accept the default choice (shown in brackets) at a prompt by pressing Enter.
1.application-accelerator
2.central-manager
Select the device mode [1]:
1Step 6 Choose the interception method. The default method is normally the correct one to choose because it is automatically set to WCCP if no Cisco WAE Inline Network Adapter is installed.
1. WCCP2. OtherSelect Interception Method [1]: 1Step 7 Enter the Time Zone of the device. The number of hours offset from UTC (rounded down to the nearest whole number), and the number of minutes of any partial hour of offset. For example, if your time zone offset is -3:30, then you would set -3 for the hours offset and 30 for the minutes offset.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enter Time Zone <Time Zone Hours (-23 to 23) Minutes (0-59)> [UTC 0 0]:
EST -5 0Step 8 Choose the interface to configure as the management interface, for communicating with the WAAS Central Manager. With the Cisco WAE Inline Network Adapter, you can choose to share one of the inline interfaces for management traffic or you can use one of the built-in Gigabit Ethernet interfaces (out-of-band management).
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
NO INTERFACE NAME1: GigabitEthernet 1/02: GigabitEthernet 2/0Select Management Interface [1]: 1Continue to answer the questions displayed in the setup utility.
When you are prompted for the IP address of the interface, the IP address that you enter is used for the management interface that you chose in this step.
Step 9 Configure Autosense for Management Interface.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enable Autosense for Management Interface? (y/n) [y]:Step 10 If you have Dynamic Host Control Protocol enabled in your network, enable DHCP on the WAAS device interface.
ESC Quit ? Help ------------------- WAAS Default Configuration --------------------
Enable DHCP for Management Interface? (y/n) [y]:Step 11 Enter the Central Manager IP Address.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Central Manager IP Address (WARNING: An invalid entry will cause SETUP to take a long time when applying WAAS configuration) [None]: 10.10.10.10
Step 12 Enter the Host Name.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter Host Name [None]:Step 13 For the Network Time Protocol (NTP) server, we recommend that you enter the IP address of an NTP server, because clock synchronization between the WAEs in a WAAS network is important.
ESC Quit ? Help ------------------- WAAS Remaining Configuration --------------------
Enter NTP Server IP Address [None]: 172.19.228.200Step 14 When you are prompted to enter the WCCP router list, enter the IP addresses of 1-4 routers separated by spaces. The easiest configuration is to accept the default, which is the router you configured as the default gateway. To accept the default, press Enter.
Enter the space separated list of routers (maximum 4) for WCCPv2 [10.10.10.1]:Step 15 When you are prompted to choose a license, choose the licenses that you have purchased for use on your WAE. Activating the appropriate licenses is required for various acceleration features to operate. All licenses are not supported on all WAE models.
The product supports the following licenses:1. Transport2. Enterprise3. Enterprise & Video4. Enterprise & Virtual blade5. Enterprise, Video & Virtual bladeEnter the license(s) you purchased [2]:Step 16 The setup utility displays a set of example router configurations for your convenience. These configurations are the same configurations that are described in the "Configuring WCCP on the Routers" section. Press Enter to continue.
Step 17 When finished, the configuration is displayed. Enter d to toggle the defaults display, or enter a number to change a specific parameter. (See Figure 7.)
Figure 7 WAE Config—WCCP
Enter y to select the configuration. If you choose not to accept the configuration, you have the option to go through the setup questions again and reenter the values. Your previous values are used as the defaults.
Step 18 Once you apply the changes, the configuration is saved automatically and you are given the option to reload the system so that the new configuration will take effect.
Shutting down all services, will Reload requested by CLI@ttyS0.
Restarting system.
Note If a CM address has been configured and the device mode has changed from the current running device mode (show device-mode running), cms enable is automatically configured by the system (node manager) within 5 minutes after the reboot.
The system reboots and the device is then visible on the network and it can be pinged.
If you want to check the current running configuration on the WAE, you can use the show running-config EXEC command.
The initial configuration of the data center WAE is completed. The next step is to initially configure and register the designated branch WAE with the WAAS Central Manager device. Repeat the procedure in this section with the WAE in the branch office; the configuration is identical.
After you are finished configuring both WAEs with WCCP, proceed with the "Configuring WCCP on the Routers" section.
Configuring WCCP on WAAS Network Modules
If one of the WAE devices that you are configuring is a network module (NME-WAE) installed in a Cisco access router, you can configure basic WCCP settings using the setup utility.
Note If an external interface is used as the primary interface, router WCCP configuration is not recommended. If configured, however, the default gateway must point to the router hosting the network module, and the interface must be either directly connected back to the router, or through a trusted network. Otherwise, there could be a security risk.
To configure basic WCCP settings on a network module, perform the following steps in the setup utility after initial configuration:
Step 1 Once you have entered y to select the final basic network module configuration, enter y to configure WCCP on the router.
(See Figure 8.)
Figure 8 WAAS Network Module Config—Basic Config
Step 2 Enter and confirm router login password.
If TACACS or RADIUS server authentication is configured on the router, that password takes precedence over the local password.
Step 3 Choose a WCCP configuration (LAN redirection or WAN redirection). (See Figure 9.)
Figure 9 WAAS Network Module Config—WCCP Config
The following WCCP configuration is applied:
•LAN—ip wccp service 61 is configured as IN
•WAN—ip wccp service 62 is configured as IN
•NME-WAE interface of the router—ip wccp redirect exclude in is configured
In addition, a WAAS WCCP pilot redirect list of ACLs will are configured by default on the router. When you have completed the configuration, you can display the CLI using the ! key to view the WAAS WCCP pilot redirect list of ACLs, and the rest of the configuration.
Step 4 Enter the ! key to display the CLI.
conf tinterface GigabitEthernet0/0.1720ip wccp 61 redirect inexitinterface GigabitEthernet0/0.1726ip wccp 62 redirect inexitinterface In2/0ip wccp redirect exclude inexitip wccp version 2ip wccp 61 redirect-list waas-wccp-redirect-listip wccp 62 redirect-list waas-wccp-redirect-listip access-list extended waas-wccp-redirect-listremark WAAS WCCP Pilot Redirect listdeny tcp any any eq telnetdeny tcp any any eq 22deny tcp any any eq 161deny tcp any any eq 162deny tcp any any eq 123deny tcp any any eq bgpdeny tcp any any eq tacacsdeny tcp any any eq 2000deny tcp any any eq 5060deny tcp any any eq 1718deny tcp any any eq 1719deny tcp any any eq 1720deny tcp any any eq 554deny tcp any any eq 1755deny tcp any eq telnet anydeny tcp any eq 22 anydeny tcp any eq 161 anydeny tcp any eq 162 anydeny tcp any eq 123 anydeny tcp any eq bgp anydeny tcp any eq tacacs anydeny tcp any eq 2000 anydeny tcp any eq 5060 anydeny tcp any eq 1718 anydeny tcp any eq 1719 anydeny tcp any eq 1720 anydeny tcp any eq 554 anydeny tcp any eq 1755 anypermit tcp any anyendStep 5 Hit any key to continue and apply the configuration. Once you apply the changes, the configuration is saved automatically and you are given the option to reload the system so that the new configuration will take effect.
Shutting down all services, will Reload requested by CLI@ttyS0.
Restarting system.
Note If a CM address has been configured and the device mode has changed from the current running device mode (show device-mode running), cms enable is automatically configured by the system (node manager) within 5 minutes after the reboot.
The system reboots and the device is then visible on the network and it can be pinged.
Configuring WCCP on the Routers
To complete a basic WCCP configuration on the routers in the data center (Core-Router1) and in the branch office (Edge-Router1), follow these steps on each router:
Step 1 Log on to Core-Router1 and enter global configuration mode.
Core-Router1 configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Core-Router1(config)#
Step 2 Enable WCCP Version 2 and WCCP services 61 and 62 (TCP promiscuous mode) on Core-Router1.
Core-Router1(config)#
ip wccp version 2Core-Router1(config)#
ip wccp 61Core-Router1(config)#
ip wccp 62Step 3 On Core-Router1, configure the LAN interface for redirection. This interface is where traffic will be intercepted from when leaving the data center network toward the WAN. This interface must be a Layer 3 interface (routed port or switch virtual interface [SVI]).
Core-Router1(config)#
interface fa1/0.40Core-Router1(config-subif)#
Step 4 Enable WCCP service 61 on the inbound direction of fa1/0.40.
Core-Router1(config-subif)#
ip wccp 61 redirect inCore-Router1(config-subif)#
exitStep 5 Configure the WAN interface for redirection. This interface is where traffic will be intercepted from when entering the data center network from the WAN. This interface must be a Layer 3 interface (routed port or switch virtual interface [SVI]).
Core-Router1(config)#
interface serial0Step 6 Enable WCCP service 62 on the inbound direction of serial0.
Core-Router1(config-if)#
ip wccp 62 redirect inCore-Router1(config-if)#
exitStep 7 To avoid redirection loops, configure the subinterface where Core-WAE1 will connect to Core-Router1. To avoid a routing loop, Core-WAE1 must not be attached to the same segment (subnet) as the interface on Core-Router1 that is performing the redirection. Make sure that you have a tertiary interface (a separate physical interface) or a subinterface (off the router's LAN port) from which Core-WAE1 connects. In the following example, a subinterface is being used:
Core-Router1(config)#
interface fa1/0.41
Note If you plan to use the WCCP GRE return or generic GRE egress methods, you can place the WAE on the same VLAN or subnet as the clients and servers. When using these egress methods, it is important not to enable WCCP on the router until after these egress methods are configured on the WAEs, which can only be done after the setup utility has completed. For more information on configuring these egress methods, see the section "Configuring Egress Methods for Intercepted Connections" in the Cisco Wide Area Application Services Configuration Guide.
Step 8 After you create the subinterface, enter the ip wccp redirect exclude in command to specify that Core-Router1 should not repeatedly redirect the same traffic to the local WAE, Core-WAE1.
Core-Router1(config-subif)#
ip wccp redirect exclude inStep 9 Exit subinterface configuration mode.
Core-Router1(config-subif)#
exitCore-Router1(config)
Step 10 Enable Cisco Express Forwarding (CEF) on Core-Router1.
Core-Router1(config)#
ip cefCore-Router1(config)#
endCore-Router1#
Note CEF is not required but it is recommended for improved performance. WCCP can use IP CEF if CEF is enabled on the router.
Step 11 Save the configuration changes that you just made by writing the running configuration to nonvolatile memory.
Core-Router1#
write memoryBuilding configuration...
Core-Router1#
Step 12 Verify the new configuration for Core-Router1.
Core-Router1#
show running-configuration
The configuration of WCCP on the data center router is completed. The next step is to configure WCCP on the branch router. Repeat the procedure in this section on the branch office router; the configuration is identical.
Accessing the WAAS Central Manager GUI
After the WAE designated as the WAAS Central Manager has been deployed, you can use the WAAS Central Manager GUI to complete the basic configuration of the WAAS network. You can also use the WAAS Central Manager GUI to centrally manage and monitor the geographically dispersed WAEs in the WAAS network.
To access the WAAS Central Manager GUI and complete the initial configuration of the WAAS network, follow these steps:
Step 1 Enter the following URL in your web browser:
https://IP_address_of_WAAS Central_Manager:8443
For example:
https://10.10.10.10:8443
or
https://hostname_of_WAAS_Central_Manager:8443
For example:
https://waas-cm:8443
Note When you access the WAAS Central Manager GUI, make sure that you use HTTPS instead of HTTP to ensure that data is securely transmitted from the WAAS Central Manager to your web browser.
Step 2 After the Security Alert window appears, click Yes to accept the security certificate.
Step 3 After the Login window appears, enter the default username (admin) and the default password (default) for the predefined superuser account and click the Login button.
The Dashboard window of the WAAS Central Manager GUI appears in your browser.
The initial configuration of the WAAS network is completed. The next step is to verify that application acceleration is working correctly. See the next section for details.
The WAAS software comes with a set of predefined application policies that help your WAEs classify and optimize some of the most common application traffic with DRE, TFO, and LZ optimizations. This set of default application policies are for applications that use well-known port numbers. For a list of the predefined application definition policies, see the Cisco Wide Area Application Services Configuration Guide.
You can use the WAAS Central Manager GUI to modify these predefined application policies, create new ones, and then distribute these policies to one or more devices in the WAAS network. You can also modify the predefined set of application policies or create new ones through the WAAS CLI. However, we strongly recommend that you use the WAAS Central Manager GUI to perform this task in order to significantly reduce the complexity of this task and to increase the level of consistency. (For CLI command syntax information, see the Cisco Wide Area Application Services Command Reference.)
The WAAS software also comes with all application accelerators enabled. Enabled accelerators include the following: CIFS, EPM, HTTP, MAPI, NFS, and video. Enabled accelerators operate only if the proper license is installed. The Enterprise license is required for all accelerators and the video license is additionally required for the video accelerator.
Verifying Application Acceleration
Verify that WAAS optimization and application acceleration is working properly by following these steps:
Step 1 Log into the WAAS Central Manager as described in the previous section.
Step 2 In the left side navigation pane, choose My WAN > Manage Devices.
The WAAS Central Manager displays the Devices list. You will see the WAAS Central Manager (CM in the Services column) and the two WAEs (Application Accelerator in the Services column).
Step 3 Verify that each of the three WAAS devices show a CMS Status of Online and the Device Status has a green light, as shown in Figure 10.
Figure 10 WAAS Central Manager Devices Window
Step 4 Generate some traffic through the WAAS network for an application that WAAS optimizes.
Step 5 In the WAAS Central Manager, choose My WAN > Dashboard.
Step 6 Verify that your WAAS network is intercepting, optimizing, and compressing data by viewing the charts in the System Dashboard window. The Traffic Volume and Reduction chart (in the middle) should show an amount of optimized traffic that is lower than original traffic. The Top 10 Application chart (on the right side) should show a percentage of reduction for the type of application traffic that traversed the network.
For more information on monitoring WAAS performance, see the chapter, "Monitoring and Troubleshooting Your WAAS Network" in the Cisco Wide Area Application Services Configuration Guide.
Changing the Administrator Password
After you have initially configured your WAAS devices, we strongly recommend that you immediately change the password for the predefined superuser account (the predefined username is admin, the password is default, and the privilege level is superuser, privilege level 15) on each WAAS device.
If the predefined password for this superuser account has not been changed on a WAAS Central Manager, the following dialog box is displayed each time that you log in to the WAAS Central Manager GUI using this superuser account. (See Figure 11.)
Figure 11 Message Indicating the Predefined Password for the Superuser Account Should Be Changed
If you have not changed the predefined password for this superuser account, the console will also display the following message each time that you use this superuser account to log in to the WAAS CLI on any WAAS device:
Device is configured with a (well known) default username/password
for ease of initial configuration. This default username/password
should be changed in order to avoid unwanted access to the device.
System Initialization Finished.
waas-cm#
To change the password for the superuser account across all WAE devices registered to the Central Manager, follow these steps:
Step 1 Log in to the WAAS Central Manager GUI with the admin account, if you are not already logged in.
Step 2 From the WAAS Central Manager GUI Contents pane, choose Admin > Password.
The Changing Password for User Account window appears.
Step 3 In the New Password field, enter the new password. Passwords are case sensitive.
Step 4 In the Confirm New Password field, reenter the password for confirmation.
Step 5 Click Submit.
The message "Changes Submitted" appears at the bottom of the window confirming that your password has been changed. This password change is implemented on all registered WAEs.
Clock synchronization between the WAEs in a WAAS network is important. On each WAE, be sure to set up a Network Time Protocol (NTP) server to keep the clocks synchronized. The setup utility asks you to configure a NTP server, and you should configure one and your time zone when prompted. For information on setting up an NTP server, see the chapter, "Configuring Other System Settings" in the Cisco Wide Area Application Services Configuration Guide.
To set the clock manually, use the clock EXEC CLI command on each WAE. For details, see the Cisco Wide Area Application Services Command Reference.
After you initially configure your WAAS network for application acceleration, you can perform other WAAS administrative tasks. For details, see the Cisco Wide Area Application Services Configuration Guide.
Related Documentation
For additional information on the Cisco WAAS software, see the following documentation:
•Release Note for Cisco Wide Area Application Services
•Cisco Wide Area Application Services Command Reference
•Cisco Wide Area Application Services Quick Configuration Guide (this manual)
•Cisco Wide Area Application Services Configuration Guide
•Cisco Wide Area Application Services API Reference
•Cisco WAAS Installation and Configuration Guide for Windows on a Virtual Blade
•Configuring Cisco WAAS Network Modules for Cisco Access Routers
•Regulatory Compliance and Safety Information for the Cisco Content Networking Product Series
•Cisco Wide Area Application Engine 511 and 611 Hardware Installation Guide
•Cisco Wide Area Application Engine 512 and 612 Hardware Installation Guide
•Cisco Wide Area Application Engine 7326 Hardware Installation Guide
•Cisco Wide Area Application Engine 7341, 7371, and 674 Hardware Installation Guide
•Cisco Network Modules Hardware Installation Guide
•Installing the Cisco WAE Inline Network Adapter
•Cisco Wide Area Application Services Online Help
Obtaining Documentation and Submitting a Service Request
For information on obtaining documentation, submitting a service request, and gathering additional information, see the monthly What's New in Cisco Product Documentation, which also lists all new and revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What's New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free service and Cisco currently supports RSS version 2.0.
CCDE, CCENT, CCSI, Cisco Eos, Cisco HealthPresence, Cisco IronPort, the Cisco logo, Cisco Lumin, Cisco Nexus, Cisco Nurse Connect, Cisco StackPower, Cisco StadiumVision, Cisco TelePresence, Cisco Unified Computing System, Cisco WebEx, DCE, Flip Channels, Flip for Good, Flip Mino, Flip Video, Flip Video (Design), Flipshare (Design), Flip Ultra, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn, Cisco Store, and Flip Gift Card are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0907R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2006-2010 Cisco Systems, Inc. All rights reserved.