Issue in WAE CM
Hi
Please have a look at attachment, the AP801-WAE doesn't have any sent/received traffic with AM001N5200. But from AM001N5200, it does has traffic communication with AP801-WAE. Any one know why this happen and how to fix it?
Thanks. Leo
Any one has any ideas for this issue?
Thanks. Leo
Similar Messages
-
Hi Team,
I have one issue with WCCP redirection inside VRF. Here is my scenario:
PE router config (MPLS edge)
ip vrf aaa
rd 10:1
route-target both 10:1
int facing CE router
ip vrf forwarding aaa
ip address x.x.x.x x.x.x.x
mpls bgp forwarding
router bgp 10
<classic MP-BGP config>
address-family vpnv4 vrf aaa
neighbor <CE router> remote-as 100
neighbor <CE router> activate
neighbor <CE router> send-label
CE router (using VRF lite)
ip vrf aaa
rd 100:1
route-target both 100:1
ip wccp vrf aaa 61
ip wccp vrf aaa 62
int facing PE router
ip vrf forwarding aaa
ip address c.c.c.c c.c.c.c
ip wccp vrf aaa 62 redirect in
ip bgp mpls forwarding
int facing WAAS
ip vrf forwarding aaa
ip address w.w.w.w w.w.w.w
int LAN
ip vrf forwarding aaa
ip address l.l.l.l l.l.l.l
ip wccp vrf aaa 61 redirect in
router bgp 100
address-family vpnv4 vrf aaa
neighbor <PE router> remote-as 10
neighbor <PE router> activate
neighbor <PE router> send-label
<classic network advertising>
WAE config is classis WCCP with hash assignment and negotiated GRE return method. CE router does not have any issues detecting WAE appliance.
Now the mentioned issue:
Traffic from LAN to PE is being redirected OK. No issues here. But return traffic from PE router is not redirected to WAE appliance despite the fact that WCCP "redirect in" command is configured under CE WAN interface. When I remove "neighbor <CE router> send-label" command under "
address-family vpnv4 vrf aaa" on PE router, CE router starts to redirect traffic from PE to WAE appliance (but I loose label information on CE). When I configure this command back, redirection stops.
So my question is why this command is causing CE router not to redirect traffic from PE to LAN on its WAN interface? I was not able to find any restrictions regarding VRF lite and WCCP. I am using 15.2(3)T1 IOS version.
Many thanks for any inputs.
Regards,
Stanhi Stan,
I´m not really into VRF troubleshooting but you should check this info;
If a Cisco WAAS NME-WAE network module or Cisco WAE appliance is used at a branch location and the service provider cannot strip off the labels, WCCP can be used with a route-leaking option as long as there are no overlapping IP addresses. ( that sounds like your design)
look for WCCP Deployment
http://www.cisco.com/en/US/prod/collateral/contnetw/ps5680/ps6870/white_paper_C11-560131.pdf
good luck! -
Hello All,
I have really simple question for you.
1> So once the WAE devices are taken offline ( Disabling WCCP)
è WAN traffic will continue flow has normal. However the current connections will be lost. Am I right ?
è Also even thought we restart the WAE devices once they are offline it will not impact the current WAN traffic ?
2> So the other day I was trying to upload the 1.1.3b version to my WAE device which runs the CM ( Control Manager ) thru FTP however I got the time out error ( both thru the software and also thrui CLI ) here are the logs from the TFTP software. Also when i tried to upload the IOS image to the other WAE devices they had no issue.
Connection received from 172.30.209.220 on port 10003 [25/06 22:45:28.365]
Read request for file <WAAS_4.1.3b.9-K9.bin>. Mode octet [25/06 22:45:28.381]
Using local port 2404 [25/06 22:45:28.381]
TIMEOUT waiting for Ack block #65536 [25/06 22:46:18.797]
Connection received from 172.30.209.220 on port 10003 [25/06 22:51:15.020]
Read request for file <WAAS_4.1.3b.9-K9.bin>. Mode octet [25/06 22:51:15.020]
Using local port 2409 [25/06 22:51:15.020]
TIMEOUT waiting for Ack block #65536 [25/06 22:52:05.148]
Connection received from 172.30.209.220 on port 10003 [25/06 23:15:58.221]
Read request for file <WAAS-4.1.5f.2-K9.bin>. Mode octet [25/06 23:15:58.236]
Using local port 2437 [25/06 23:15:58.236]
TIMEOUT waiting for Ack block #65536 [25/06 23:16:48.737]
Connection received from 172.30.209.220 on port 10003 [25/06 23:27:57.961]
Read request for file <WAAS-4.1.5f.2-K9.bin>. Mode octet [25/06 23:27:57.977]
Using local port 2443 [25/06 23:27:57.977]
TIMEOUT waiting for Ack block #65536 [25/06 23:28:51.368]
Thank you for all the help in advance,
SoofiHi Soofi,
When you disable WCCP through the CLI, there is a graceful shut down period during which existing connections will continue to be handled by WAAS while new connections will be returned to the intercepting device for normal forwarding. Once the graceful shutdown period as expired, optimized connections will be reset while pass-through connections will continue to flow normally. Once you re-enable WCCP, existing connections will be handled as pass-through, while new connections will be optimized.
For the upgrade problem you are having, how are you trying to copying the image to the CM? Can you please provide the exact steps you are taking?
Thanks,
Zach -
I am having issues with my WAE 674.
Powered on for the first time and was hanging at the booting the kernel screen.
Then used the software recovery CD waas-rescue-cdrom-4.4.1.12-npe-k9.iso, it went through all the steps of installation.
After reboot it hangs at booting the kernel, it does not move from this point. Nothing on the hyperterminal.
I have attached the screenshot.
Any ideas?
Thanks,
Suhail.Hi Suhail,
How are you connected to the WAE?
If you are directly connected to the WAE through a screen/keyboard, I believe that what you see is expected: the WAAS software stop redirecting it's console output on the screen after booting it's kernel and move it to the serial port.
This is explained in the hardware specs of your device:
You can connect a keyboard to any USB port and connect a monitor to the video connector to troubleshoot the BIOS boot process. However, video output is for troubleshooting only during the BIOS boot process. The video output stops displaying when the serial port becomes active. To monitor the boot process in normal operation, use the serial console port.
http://www.cisco.com/en/US/partner/docs/app_ntwk_services/waas/wae/installation/7341-7371/guide/7300intr.html#wp1040565
Could you have a look at the boot sequence from the serial port and see if everything looks fine from there?
Regards,
Nicolas -
Hi WAAS Experts,
I have a query, when I issue the 'Force group Settings' command what effect will this have on existing flows? Do I need to disable WCCP prior to issuing this command on the affected WAE's?
Thanks,
Shankar KHi Shankar,
A change of classifier/policy on the WAE is not affecting the existing flows so you shouldn't need to disable WCCP if you want to force group settings there.
Regards,
Nicolas -
Dear ,
I have site A and Site B.In site A I have AWe 512 is installed,at site B there is a WAE 512 and WAAS as a CM installed.
All the applications were working fine between site A and site B.All of a sudden applications are not working like RDP,Accessin file server and all not accessible at site A to site B.When I check the connectivity ,it is reachable from site A to site B.
Even telnet from site A to site B to all servers with the port 3389 is connecting.When I check through netstat -an it shows from site A source address to site B destination address to that port 3389 is established.
When mstc to that server is hanging,and \\x.x.x.x\ to remote is not able to open.
Please guide me to resolve.
Regards,Hi Venkat,
Looking at your issue, are you sure this is WAAS issue? Can you please apply pass thru policy for this traffic and see if it works.
You can also use cli command: show stat conn | in to see if the connection is going thru WAAS and is being optimized. If it shows up as optimized, try putting a pass thru policy for this client and verify the functionality.
Further, is this issue limited to one client / one site / multiple sites? Depending on that you want to focus either on hub site or branch site or single client.
Please also provide us the software version and hardwares you are using at the affected sites.
Feel free to let us know if you think it is WAAS related.
Hope this helps,
Regards.
PS: if this resolves the problem, please mark this as Answered. -
Hi,
Has anyone come across the issue with the IRQ for routing on the WAE?
My edge box in our customer demo lab stopped routing traffic and only starts once you er-apply the gateway statments back in. Then network connectivity is restored and the WAE thinks its passing traffic to be acceleration process but in fact the traffic is worse than native across the WAN. This is on a 512 with an inline module running either 4.0.15b6 and or 4.0.17b14
Cheers
RobRob,
Which "gateway statements" are you referring to? Obviously performance shouldn't be worse than native when WAAS is deployed. Can you please verify what speed/duplex the inline ports are configured/running as?
Thanks,
Zach -
Dear ,
I have two sites connected through MPLS cloud.Site A to MPLS cloud is 10 Mb Link,Site B to MPLS 100 Mb Link.At Side A Cisco WAE is installed,and site B WAE and WAAS (Central Manager) is connected.
There are servers like Fileserver and ACS servers are placed at Side B.Now WAE is compressing and decompressing between Side A and Side B and vise versa.
It was working fine.No configuration changes made.But all of a sudden from Side A to Side B the services are not working.Like, From side A trying to access the ACS server through RDP is not working.It is hanging.At the same time ICMP ping is perfect,no drop,then telnet with 3389 is connecting,meantime Netstat -an shows clearly the 3389 is established.
But RDP is not working,I am not able to open the Fileserver to download and upload (Copying).
For time being I have disconnected the WAE at site A.Now without WAE it is working fine.
Please help me to resolve this issue.
Thansk and Regards,
S.VenkatSure, with WAE, it adds extra TCP option and that increase the packet size, and typically the overall packet is more than 1500 bytes, therefore, the connectivity fails. If we lower the MTU MSS negotiated, the overall packet after the option addition will be no more than 1500 bytes, and will pass through the network just fine. Ethernet MTU is normally 1500 bytes.
Hope that answers your question. -
Issue Details- WAAS Optimizers were not optimizing traffic between two locations, drastically dropping performance on FTP connections and also seeing disconnection WAE from CM.There is somthing which is being pushed from CM that causing WCCP disconnect but not sure about it.
Jun 14 01:58:46 APDC4R10-NWAE02 wccp: %WAAS-WCCP-5-500024: Removing router 0.0.0.0 from router table.
Issue is sporadic in nature, SR has been open and TAC has given action plan when issue come again but, i am sure same issue happened earlier somewhere and solution must be in place rather reactive approch to wait for issue to come.
Appreciate if any one has already know the solution on this.
TkxHello Kiran,
Because your WCCP tunnel is going randomly down, I believe this is either a design issue or a WCCP configuration problem.
Because is randomly happening is hard to run captures at the same time of failure but we can still review the captures when it is actually working.
There are four WCCP V2 messages:
* Here I AM
* I See You
* Redirect Assign
* Removal Query
Each WCCP message comprises a WCCP Message Header followed by a number of message components, for example if the length value or any component header is not set as expected one might expect to see WCCP errors.
here are Nexus WCCP compatibilities notes:
-Assignment methods supports only mask assisments. this is the same as saying that the Nexus and the WAAS device are L2 connected and should be properly configure to run mask assigments .. not hash.
-In addition any packets being " bypass return" should go via L2.
-Packet egress redirection goes via IP forwarding and negotiated L2 return as well.
-WCCP GRE return is not supported, WCCP GRE redirection is not supported
It will be nice if you upgrade to a newer WAAS version you're about 30 versions away from the latest one, there have been many open/fix caveats for WCCP/WAAS previous codes, in addition to the enhacements you're missing.
good luck, -
Upgrade Failed in WAE's from 4.1.5f to ver 4.2.3c with SSL Error.
Hi all,
I am in the process upgarding the OS from 4.1.5f to 4.2.3c . There was no issue upgarding the central manger.
While upgarding the other WAE's from the CM and also from the CLI there is an Alarm as below.
Alarm ID Module/Submodule Instance
1 mstore_key_retrieval cms ssl_mstore_key
2 mstore_key_failure sslao mstore_key_failure
Also the central manager shows that devices offline.
Thanks for your help
DhanaHi Dhana,
Please apply following commands from CLI on the WAEs that are hsowing up this error:
1. cms disable on WAE. commnd: CM deregister OR CMS deregister force
2. delete the device from CM
4.Apply following commands to WAE:
WAE-674-1(config)#no accelerator ssl enable
Disabled ssl accelerator.
WAE-674-1(config)#end
WAE-674-1#crypto pki managed-store initialize
All certificate/private keys in SSL managed store will be deleted and optimized SSL traffic will be interrupted. Are you sure you want to continue(yes/no)? [no]:yes
SSL managed store token file not present. Continuing with deletion of certificates in SSL managed store
Restarting SSL accelerator. Done.
WAE-674-1#conf t
WAE-674-1(config)# accelerator ssl enable
Enabled ssl accelerator
WAE-674-1(config)#cms enable
Hope this helps.
Regards.
PS: Please mark this Answered, if it resolves the issue. -
Dual WAE's in mixed return methods?
Today we have a single 7341 attached directly to the router's Gi0/1. The original WAE uses Forwarded return. Lastweek we received a second 7341 (and 15 other WAE boxes for branch sites). Since we can not connect a second WAE directly to the router without adding a switch between them, we planned on eventually moving both 7341's to our internal LAN segment. Our new 7341 will be provisioned on the internal LAN and will use GRE Negotiated Return to the routers Loopback interface. Once the new 7341 is up and running we plan on moving our original 7341 to that same architecture.
Does this present an issue? Will the router have an issue with service group 61 and 62 having two WCCP clients, using different return mechanisms?
7341#1 = Forwarded Return (Directly connected to router, L2)
7341#2 = GRE Negotiated Return (On Internal LAN, Routed)Just to clarify, both of these 7341 boxes will be in the same WCCP service groups. (61 LAN & 62 WAN). The "Return method" is GRE for both.
"However please note that the packet return method should be the same."
7341#1
wccp router-list 8 10.X.X.1 (Gi0/1 on router)
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 8
wccp version 2
7341#2
wccp router-list 1 10.X.X.129 (Loopback1 on same router)
wccp tcp-promiscuous service-pair 61 62 failure-detection 30
wccp tcp-promiscuous service-pair 61 62 router-list-num 1
wccp version 2
egress-method negotiated-return intercept-method wccp -
WAAS WAE Alarm 'mstore_key_retrieval'
Hello,
I am supporting an environment that has 30+ remote WAEs deployed with a CM at the HQ.
All remote WAE's Versions = Cisco Wide Area Application Services (universal-k9) Software Release 4.2.3b (build b4 Oct 4 2010)
HQ's CM version = Cisco Wide Area Application Services (universal-k9) Software Release 4.4.3 (build b4 Aug 22 2011)
On 4 of these WAEs, I currently am receiving encryption key alarms:
WAE#show alarms detail support
Critical Alarms:
Alarm ID Module/Submodule Instance
1 mstore_key_retrieval cms ssl_mstore_key
Apr 11 18:36:16.026 CDT, Processing Error Alarm, #000002, 3000:700008
Unable to generate and/or retrieve SSL managed store encryption key from the Key Manager
/alm/crit/cms/mstore_key_retrieval_failure:
CMS/Management agent failed to generate and/or retrieve SSL managed store encryption key from Key Manager.
Explanation:
This alarm indicates one of following issues: Central
Manager device(s) is not reachable. Secure store on
Central Manager is initialized but not open. Key Manager
process on Central Manager device is not running or failing
to respond. Key Manager is unable to process key
generation or retrieval request. If this issue is
present, the WAE device will not be able to process a
configuration update received from the Central Manager if
it contains SSL certificate/key information.
Action:
Check if Central Manager device is reachable (TCP
connections from the WAE to the Central Manager on port
443) Check following log files for additional information
about the error: /local1/errorlog/kc.log on WAE
/local1/errorlog/km/km.log on CM
2 mstore_key_failure sslao mstore_key_failure
Apr 11 18:39:07.518 CDT, Processing Error Alarm, #000006, 26000:26002
Failed to open SSL store due to failure in getting key from Central Manager.
/alm/crit/sslao/mstore_key_failure:
SSL managed secure store key retrieval failure.
Explanation:
The SSL accelerator is unable to get the SSL secure store
key from the Central Manager.
Action:
Check the connection with the Central Manager.
The explanations and actions match the alarm book , but in addition to that, in the Cisco WAAS Monitoring Guide, it also states:
Alarm 700008 (mstore_key_retrieval_failure) CMS/Management agent failed to generate and/or retrieve SSL managed store encryption key from Key Manager.
Severity: Critical
Category: Processing
Description: This alarm indicates one of following issues:
–The WAAS Central Manager device is not reachable
–Secure store on WAAS Central Manager is initialized but not open
–The Key Manager process on the WAAS Central Manager device is not running or failing to respond
–Key Manager cannot process key generation or retrieval request. If this issue is present, the WAAS device cannot process a configuration update received from WAAS Central Manager if it contains SSL certificate and key pair information.
Action: Check to see if the WAAS Central Manager device is reachable (TCP connections from the WAE to the WAAS Central Manager on port 443). Check the following log files for additional information about the error:
–On WAE: /local1/errorlog/kc.log on WAE
–On WAAS Central Manager: /local1/errorlog/km/km.log
Action: Fix the clock on the device or the primary WAAS Central Manager.
For a complete list of alarm conditions, see the Alarm Book located in the WAAS 4.2.1 Software Download area on Cisco.com.
Using this information, I've checked the following:
TCP 443 is reachable from the WAE to the CM (I can telnet from each WAE to the CM on TCP 443)
Time is correct on the WAEs and CM ('show ntp status' and 'show clock' are consistent)
Secure store on CM is open ('show cms secure-store' on the CM shows that the mode is in 'Open' state),
Verified that the key manager process is running (Looking at the CM's KM log shows plenty of action that it's working for other WAEs)
Here is some information I gathered from the WAEs' kc.log files and the CM's km.log (slightly scrubbed):
From the WAEs' kc.log files:
pool-1-thread-1] INFO CommClientAbstractRPC - Send key retrieval request to CM 10.x.x.x for token d1b77e45-ce60-4332-a92d-3d3cb17d35cf
pool-1-thread-1] WARN CommClientAbstractRPC - Received error response from KM(20,No key found for token d1b77e45-ce60-4332-a92d-3d3cb17d35cf from device 17111)
From the CM's km.log file:
[pool-1-thread-4] INFO - retrieveKey request, token=d1b77e45-ce60-4332-a92d-3d3cb17d35cf from device WAE1/17111
[pool-1-thread-4] INFO - Checking secure store open
[pool-1-thread-4] INFO - Loading KEK from data server
[pool-1-thread-4] INFO - ticket 17111 (1327767406332, 1327767392433, 13899, 10000)
[pool-1-thread-4] WARN - No key found for token d1b77e45-ce60-4332-a92d-3d3cb17d35cf from device 17111
*** Going through these logs, I've seen other devices have the same issue, and eventually a WAE records the following:
[main] ERROR DeviceInfo - /state/node.dat (No such file or directory)
java.io.FileNotFoundException: /state/node.dat (No such file or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(Unknown Source)
at java.io.FileInputStream.<init>(Unknown Source)
at com.cisco.waas.kc.DeviceInfo.retrieveNodeInfo(DeviceInfo.java:65)
at com.cisco.waas.kc.DeviceInfo.<init>(DeviceInfo.java:47)
at com.cisco.waas.kc.DeviceInfo.getInstance(DeviceInfo.java:37)
at com.cisco.waas.kc.comm.CommClientAbstractRPC.retrieveKey(CommClientAbstractRPC.java:149)
at com.cisco.waas.kc.RetrieveKeyCommand.execute(RetrieveKeyCommand.java:43)
at com.cisco.waas.cli.CLICommand.execute(CLICommand.java:114)
at com.cisco.waas.cli.AbstractCLI.process(AbstractCLI.java:28)
at com.cisco.waas.kc.KeyClient.main(KeyClient.java:40)
[main] ERROR DeviceInfo - /state/node.dat (No such file or directory)
java.io.FileNotFoundException: /state/node.dat (No such file or directory)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(Unknown Source)
at java.io.FileInputStream.<init>(Unknown Source)
at com.cisco.waas.kc.DeviceInfo.retrieveNodeInfo(DeviceInfo.java:65)
at com.cisco.waas.kc.DeviceInfo.<init>(DeviceInfo.java:47)
at com.cisco.waas.kc.DeviceInfo.getInstance(DeviceInfo.java:37)
at com.cisco.waas.kc.comm.CommClientAbstractRPC.initKey(CommClientAbstractRPC.java:40)
at com.cisco.waas.kc.InitKeyCommand.execute(InitKeyCommand.java:40)
at com.cisco.waas.cli.CLICommand.execute(CLICommand.java:114)
at com.cisco.waas.cli.AbstractCLI.process(AbstractCLI.java:28)
at com.cisco.waas.kc.KeyClient.main(KeyClient.java:40)
*** Followed with what appears to be a new SSL key being generated ***:
[main] INFO DeviceInfo - loaded device info, hash H04Fer5il3b/9oanDZXx/7aBnIo=
[pool-1-thread-1] DEBUG CMProber$ProbeWorker - Sending CM probe request to CM 10.x.x.x
[pool-1-thread-1] DEBUG CMProber$ProbeWorker - CM 10.x.x.x returned :primary:4.4.3.0.4
[pool-1-thread-1] DEBUG CMProber$ProbeWorker - Primary CM address 10.x.x.x version 4.4.3.0.4
[main] DEBUG CommClientAbstractRPC - CM version 4.4.3
[main] INFO CommClientAbstractRPC - Send key initialization request to CM 10.x.x.x key type SSL
[main] INFO CommClientAbstractRPC - Received new token for generated key SSL/cbe3d6fc-875e-4b61-baeb-528c55cb3597
[main] INFO DeviceInfo - loaded device info, hash H04Fer5il3b/9oanDZXx/7aBnIo=
[pool-1-thread-1] INFO CommClientAbstractRPC - Send key retrieval request to CM 10.0.65.234 for token cbe3d6fc-875e-4b61-baeb-528c55cb3597
[main] INFO CommClientAbstractRPC$1 - Successfully retrieved key from CM for token cbe3d6fc-875e-4b61-baeb-528c55cb3597
*** And the CM records the following ***:
[pool-1-thread-4] INFO - initKey request from device WAE2/30129 key type SSL
[pool-1-thread-4] INFO - Checking secure store open
[pool-1-thread-4] INFO - Loading KEK from data server
[pool-1-thread-4] INFO - Return crypto of type : 0
[pool-1-thread-4] INFO - Checking secure store open
[pool-1-thread-4] INFO - Loading KEK from data server
[pool-1-thread-4] INFO - Loading KEK from data server
[pool-1-thread-4] INFO - Generated new key WAE2/SSL token cbe3d6fc-875e-4b61-baeb-528c55cb3597
I'm wanting to know why this occurs on some boxes and not others, and what triggers the process for a WAE to stop repeatedly sending key retrieval requests with a token that the CM has repeatedly replies with the key not being found and performing an initial key request.
Thanks!Hi all, I got into the same issue and looking at a solution I found a way to clear those alarms whithout re-registering the WAE/WAVE. Here it goes...
WAE##sh accelerator
Accelerator Licensed Config State Operational State
cifs Yes Enabled Running
epm Yes Enabled Running
http Yes Enabled Running
mapi Yes Enabled Running
nfs Yes Enabled Running
ssl Yes Enabled Disabled ---> your SSL AO is probably down due the issue
video No Enabled Shutdown
WAE#sh alarms
Critical Alarms:
Alarm ID Module/Submodule Instance
1 mstore_key_retrieval cms ssl_mstore_key
2 mstore_key_failure sslao mstore_key_failure
Major Alarms:
None
Minor Alarms:
None
WAE#crypto pki managed-store initialize
All certificate/private keys in SSL managed store will be deleted and optimized SSL traffic will be interrupted. Are you sure you want to continue(yes/no)? [no]:yes
Restarting SSL accelerator. Done.
After a couple of minutes alarms will be cleared and SSLAO will be back UP.
WAE#sh accelerator
Accelerator Licensed Config State Operational State
cifs Yes Enabled Running
epm Yes Enabled Running
http Yes Enabled Running
mapi Yes Enabled Running
nfs Yes Enabled Running
ssl Yes Enabled Running
video No Enabled Shutdown
WAE#sh alarms
Critical Alarms:
None
Major Alarms:
None
Minor Alarms:
None
In case you have the issue in the Core WAE (where the cms secure-store is opened), you might need to initialize it.
Regards,
Fernando -
NME-WAE-502-K9 does not come up on 3925 router
Hello,
I have a 3925 ISR G2 router equipped with the following:
NAME: "CISCO3925-CHASSIS", DESCR: "CISCO3925-CHASSIS"
PID: CISCO3925-CHASSIS , VID: V03 , SN: FCZ151920TA
NAME: "Cisco Services Performance Engine 100 for Cisco 3900 ISR on Slot 0", DESCR: "Cisco Services Performance Engine 100 for Cisco 3900 ISR"
PID: C3900-SPE100/K9 , VID: V03 , SN: FOC15060R5V
NAME: "9 Port FE Switch on Slot 0 SubSlot 1", DESCR: "9 Port FE Switch"
PID: HWIC-D-9ESW , VID: V01 , SN: FOC1508029Y
NAME: "C3900 AC Power Supply 1", DESCR: "C3900 AC Power Supply 1"
PID: PWR-3900-AC , VID: V02 , SN: QCS1517P0BR
The router is also equipped with the following two modules:
NME-WAE-502-K9
SM-NM-ADPTR which is needed to support the NME-WAE-502-K9 on 3925 ISR G2 routers.
The issue is that both of the above modules are not showing up in "show inventory", "show version" and "show diag".
The router is running the following IOS version:
15.0(1)M5
The router has the following licenses installed:
License Info:
License UDI:
Device# PID SN
*0 C3900-SPE100/K9 FOC15060R5V
Technology Package License Information for Module:'c3900'
Technology Technology-package Technology-package
Current Type Next reboot
ipbase ipbasek9 Permanent ipbasek9
security securityk9 Permanent securityk9
uc None None None
data None None None
I also tried to install the "diagk9" license for evaluation, which did not solve the issue.
I also tried to reboot the router, also did not solve the issue.
It seems to me, per Cisco's documentation, that the router is meeting the minimum requirements.
Please advise if you know how to solve this issue.
I'm attaching "show tech-support" output from the router, and also a screenshot of the rear side of the router.
Thanking in advance, Udi Dahan.Hello Ehud,
Looks like this could be hardware issue. Do you see the power on the NME module when you put it in?
There could be two problems:
1. The NME-WAE-502-K9 is bad. Try putting this in a different router and see if it shows up to make sure the NME module is good.
2. The SM-NM-ADPTR is bad. Try to use different adapter with NME module and see if that shows up.
3. The router slot itself is bad. try putting the adapter and NME module in different router to verify if it works.
If nothing above works, you may want to open up a TAC case for RMA creation. -
I have a WAE running 4.1.3 that registered successfully to the CM but is failing to pull the config from the CM (also at 4.1.3).
It shows up as activated and online, but nothing shows up under the Services column within CM - where you typically see Application Accelerator.
Debugging CMS on the edge WAE showed 'Failed to Connect to CMS configuration consumer. Unable to connect.'
Has anyone experienced this? All other WAE's in my environment have registed and been able to pull config from CM w/o issue.I would recommend that you try to do a cms deregister force on the accelerator, and delete it from the central manager GUI. Then try re-registering to the CM and see if that will fix the issues.
Thanks,
Dan -
Dear Team,
In WAAS Setup we are not seeing any Optimized EMAPI connection and below error is showing in Alarm section for all Edge WAE devices.
Wansecure encountered a peering service configuration error: ssl peering service configuration mismatch with peer device id 88:f0:31:b3:6e:c8. The following protocol acceleration can fail: SSL-AO, ICA (if using Wansecure) and Encrypted MAPI.
We have verified the SSL peering configuration between Edge and core device and not found found any mismatch between them. Please suggest how we can resolve this issue.
Regards,
RanjithHi,
Try the following on all the WAAS devices participating in the flow. (Core + edge)'
WAAS #sh acc wansecure
Accelerator Licensed Config State Operational State
wansecure Yes Enabled Running
WAN Secure:
Accelerator Config Item Mode Value
SSL AO User enabled
Secure store User enabled
Peer SSL version User default
Peer cipher list User configured
Peer cert User default <<<<Should be same for all devices
Peer cert verify User enabled
Follow the doc below.
http://www.cisco.com/c/en/us/td/docs/app_ntwk_services/waas/waas/v501/configuration/guide/cnfg/policy.html#wp1156757
Hope that resolves the issue.
Regards,
Abhishek
CCIES 35269
Maybe you are looking for
-
Calling Stored Procedure from Oracle DataBase using Sender JDBC (JDBC-JMS)
Hi All, We have requirement to move the data from Database to Queue (Interface Flow: JDBC -> JMS). Database is Oracle. *Based on Event, data will be triggered into two tables: XX & YY. This event occurs twice daily. Take one field: 'aa' in XX and com
-
Exception while deploying application(as EAR file) on Standalone WLS 10.3
Hi, I'm struggling with an exception while deploying my application(as EAR file) on a standalone WebLogic Server 10.3. I have developed a application using Trinidad and JSF components. But an exception occurs while deploying my application(as EAR fil
-
RD Connection Broker randomly fails to process connection requests
The RD Connection Broker is a Windows 2008 R2 server. It's been running without issues for 3 years. It handles three RD servers also Windows 2008 R2. Starting yesterday some users - not all - no longer can log on using the farm name. If the RDP file
-
Oracle 10g Locator installation
I have an Oracle 10g Database, only the plain db, no other component. Right now I need Locator to be installed, here are two questions -- 1. Do I need to re-install the whole database in order to add one more component (interMedia) to 10g? 2. I know
-
Hello, Please can someone explain me an example of a dashboard created in BI for CRM reports.What were the tools used to create the dashboard.Like i understnd what does dashboard mean..could someone give an example of dashboard created.in terms of CR