WAAS Central Manager Policy Definitions across several device groups

Hi there,
I am trying to find a way to apply a custom application policy(s) to multiple device groups. ( not the AllDevicesGroup).
I have not found a way to export or import the policy.
Any help would be appreciated.
Todd

I have my "Core" WAE's in a separate device group to prevent them from recieving a policy or setting intended for Edge WAEs.  For example, If someone sets the assignment method to hash, I certianly dont want that pushed to my Core, ( using Mask assignment)
However, a custom application definition WILL need to be applied to both Core and Edge WAE's. Therefore I need a way to create the policy for all devices group and copy out and apply selected custom policies to the Core device group as well.
Problem:  I have QUALYS Vulnerability Scanners that wreak havoc on WAE's by opening 1000's of sessions and not propoerly closing them, causing TFO Overload conditions, throughout the network.
Solution: create a custom policy to set Scanner IP action to pass-through. there are 30+ scanners so the match condition is lenthy and woudl be painful to build manually for each device group.
new Problem: need to apply this to multiple device groups.

Similar Messages

  • Is WAAS Central Manager needed for SRE?

    Hello experts,
    We're planning to deploy just WAAS SRE in 3945 routers at multiple sites? Do we need to buy WAAS central manager? also can WAAS SRE be configured from command line and able to save the config to text file just like on router's IOS?
    Thanks

    Hi,
    For your setup to be supported, you need to have all of your WAAS devices registered to a Central Manager.
    Will it optimise connections if you don't? Yes it will but if you run into any issues with it, you will be on your own...
    Regarding the configuration, you need to have the module imported into a CM but you can do all of the config from the CLI if you prefer and only use the CM for statistical reporting.
    Nicolas

  • Cisco WAAS Central Manager

       Can someone tell me how to deploy Cisco WAAS Central Manager to manage 100 WAE devices over WAN? Is there any additional devices need to setup redundant design and any license cost included here per device basis to monitor? I need detailed solution to manage WAE devices centrally.

    Vinod,
    There is no need to buy additional licenses or no need to  add per device license  on the central manager. You can go with the 294-4G or the 474 device , these can support upto 250 devices. However would suggest you to go with a higher model so in future if you expand , you might want to replace the CM that time.
    Also a central manager cannot work as a inline or wccp device nor it can do any optimization.
    Regards
    Abijith

  • WAAS Central Manager Replacement

    I have need to replace a WAAS Central Manager (4.4.x). The replacement would have a new IP address. The planned path of migrating is first to setup the replacement as standby and once sync'ed promote to primary. I will then manually update the WAE devices with new IP address.
    OLD CM:
    WAE# configure
    WAE(config)# central-manager role primary
    WAE(config)# cms enable
    On the standby device, execute the following CLI commands:
    WAE# configure
    WAE(config)# central-manager role standby
    WAE(config)# central-manager address new IP
    WAE(config)# cms enable
    Is this idea the best approach?
    Any idea if the SSL certificates would have to be revoked and re-issued (whether self signed or otherwise)?

    Hi,
    The steps to replace a CM hardware have been documented under the following bug:
    http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtz47138
    Basically, the steps are the following:
    If the CM will be using the same hardware and IP you can restore the CMS database.
    If the CM will be using a new name or IP, use the workaround provided by CSCsi59886:
    1- Add new CM as standby
    2- Make it primary
    3- deactivate former CM in new CM GUI
    4- delete former CM from new CM GUI (and make sure it s gone from the DB)
    5- 'cms deregister' on former CM CLI
    7- rename former CM, change its mode and reload.
    8- rename the new primary and change its IP address
    9- Change the IP and mode of former CM and register it
    Regards,
    Nicolas

  • Renewing Self Signed Certificate for WAAS Central Manager

    Hi,
    We would like some help from you about the following: We have an WAAS Central Manager which its self-signed certificate validity has expired as showed below:
            Validity
                Not Before: Jul  7 00:47:06 2009 GMT
                Not After : Jul  6 00:47:06 2014 GMT
    We have used its certificate to install some other remote WAAS Express routers. 
    We would like to know the following:
    1. is it possible to renew this certificate? or 
    2. do we need to reinstall another certificate on CM and replicate this new one on these waas express remote devices?
    If affirmative for at least one of them, please, could you share any document that describe how to do it?
    I have attached some output commands from our CM.
    Thanks,
    Marcelo

    attaching file now!!!

  • Https certificate on WAAS Central Manager

    Hi,
    I wanting to know if it is possible to authenticate the WAAS central manager with a different certificate/key pair than the self-signed certificate/key pair.
    I can't find any information about installing my own certificate/key pair.
    Thanks in advance

    We do have an option for the same:
    First you may generate a CSR using:
    http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v531/command/reference/execmds.html#wp2773266
    Once done you can get the cert and import cert and keys on Central Manager using admin option
    http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/v531/command/reference/execmds.html#wp2773369
    "admin"
    Specifies that the certificate and key are for the Central Manager admin service. This option can be used only on the Central Manager.
    The Central Manager admin service uses a self-signed certificate and key by default. You can use the crypto import pkcs12 admin command to import a custom certificate and key in PKCS12 or PEM format. If you delete the custom certificate and key, the self-signed certificate and key again become active.
    Hope this helps,
    Swati

  • WAAS Central Manager - Procedure for changing FQDN and ip address

    Software version 4.1.1c
    I have the need to change my waas central manager hostname, doamin name and ip settings. What is the proper procedure to do this in order to keep the cm synchronized with the waes. I seem to have them out of sync now. Do you deregister all the waes first, change and reboot the cm, then register them again?

    Hi,
    check SAP note 8307 Changing host name on R/3 host: What do you do?

  • TS3999 i have lost a shared (across several devices) iCloud calendar. How do I get it back?

    I have lost a shared (across several devices) iCloud calendar. How do I get it back?

    Try having the owner resend the invitation for the shared calendar (see http://help.apple.com/icloud/#mm6b1a9cbb), then accept the invitation to add it back.

  • Advice for WAAS Central Manager?

    Hello,
    We are building a WAAS lab (not production) for a customer and we recently discovered that we can't use the NME-WAE-502-K9 as the central manager which was very affordable.  So we are very disappointed about this.  The other equipment are Cisco ISR 2811 (very affordable for building WAAS) with NME-WAE-502-K9 running WAAS 4.1.1 acting as the application accelerators.  I have some questions and asking for some advice about some alternative options for us to consider:
    What is the cheapest/smallest WAAS option we can use for the WAAS central manager?  The only thing I could find is the WAE-512-K9, but maybe there is something else that is smaller and cheaper for consideration. 
    From what I read, after WAAS software version 4.1.1 it requires the Enterprise and Transport Licencing.  Does the WAAS central manager have a 30,60, or 90 day trial that the CM can run before a license is required like most of the Cisco Unified Communications products today?
    Thanks in advanced!
    -rya

    A central manager is required to managed all of your accelerators properly in a supported configuration. You don't necessarily need a physical appliance though. There is also the virtual form factor (vWAAS is the accelerator version and vCM is the manager version) that can run on a ESXi hypervisor.
    http://www.cisco.com/en/US/docs/app_ntwk_services/waas/waas/vwaas/guide/vwaasguide.html#wp69212
    John
    If this is useful please mark as Helpful or Solved.

  • WAAS Central Manager version 4.1

    Hello,
    I have to prepare a design of a WAAS deployment for my customer. I have an issue with the 4.1 version: Does i have to use an appliance dedicated for the management or i can use an WAE-512 with entreprise licence for managament and for WAN optimization features?
    Thank you in advance

    In any version of WAAS the supported configuration is to have a minimum of 2 application accelerators and one central manager. You cannot run the Central Manager and Application Accelerator on the same device.
    The enterprise license unlocks specific features, notably CIFS acceleration but will not influence the number of required WAE's.

  • Varying amount of policy definitions on WAE devices

    Apologies if this question has already been addressed.
    What is the correct procedure for bringing all other WAE devices to the same amount of Policy definitions as the CM Manager?
    It is a relatively small setup for now, so everything can be part of the "AllDevicesGroup"
    Any pointers/assistance greatly appreciated.

    Apologies if this question has already been addressed.
    What is the correct procedure for bringing all other WAE devices to the same amount of Policy definitions as the CM Manager?
    It is a relatively small setup for now, so everything can be part of the "AllDevicesGroup"
    Any pointers/assistance greatly appreciated.

  • Can I create a report at WAAS central manager based on server IP address

    Hi,
    I have two distinct applications running at port 8080 for which I would like to have separated performance reports at Central Manager. Is there any mean to do that by using server ip address for example? If so how? Do I need to change policy? If so is that the only way?
    Thanks
    Wilhelm

    Hi Rulix,
    The latest version of CR Server is 2008. Therefore I'm assuming you are using CR Server 2008.
    New in CR 2008 is the .NET report modification software development kit (SDK). The report application server (RAS) SDK is now available for users of Crystal Reports .NET API without the use of a RAS server. Report modification such as changing, adding, or removing database providers, or adding, removing, or creating report objects, parameters, formulas, and sections can be achieved by accessing the RAS SDK through the Crystal Reports .NET SDK.
    Java developers however receive the JRC and Java SDK documentation through the free Crystal Reports for Eclipse download. This product will be updated on a separate schedule from Crystal Reports.
    Further Information and samples are available in our [Developer Library|https://www.sdn.sap.com/irj/sdn/businessobjects?rid=/webcontent/uuid/5001d5de-f867-2b10-00bf-8d27683c85a0]
    Kind regards,
    Tim

  • WaaS Central Manager - device serial number report available?

    Hi folks,
    just wondering if anyone knows a quick/easy way to talk to the WAAS database to pull serial number information for all of my WAE's installed.  i have 35 devices scattered around 7 states and I'm hoping for an easy way to collect serial number info.
    I was hoping the platform report from the CM would do it, but it does not provide serial numbers of each chasis, only model and software version.
    My thought is the CM probably has this data somewhere?  I'm hoping to avoid having to manually telnet to 35 appliances and run the command 'show inventory' to find the appliance I am looking for.
    anyone have a good shortcut?
    also - anyone know what the database format is?  mysql? postgres?

    The best way to collect serial # remotely from a WAAS device (WAE) is by executing 'show hardware'. You may write a script to get it.
    CM don't provide this info currently.
    Can you please unicast me at '[email protected]' so that I will be able to understand your requirements.
    thanks
    Nat

  • Re: WAAS/Central Manager, do WAVE594 NEED connectivity to CM for optimization to another WAV594? can i install CM later?

    Can I install the End WAVE appliances and have optimization working, and install CM later?

    Hi Matt,
    It should be possible for you to do that - running with default optimization policies, which are on pr. default in a WAVE/WAE appliance.
    Check by doing a show run on the WAVE-594 ... you should see a lot of class-maps etc.
    You might end up with slightly better optimization results, when you can trigger the policy to your specific needs and enable some non-default features.
    Best regards
    Finn Poulsen

  • HT5824 Managing contact details across various devices

    I´m having trouble transferring my contacts (used to be in Exchange Account), that are in my iphone (and also backed up in a PST file) to a "new" environment that will keep information synched and up to date in all devices and in the cloud. Any suggestions?
    - My most up to date contacts are on iphone 5s
    - Laptop is MacBook Air
    - OUTLOOK is my preferred email program
    - I also use iPad on the road

    Open the contacts app and tap Groups.  What account do the former exchange account contacts belong to?
    Also go to Settings>Mail,Contacts,Calendars>Default Account (in the Contacts section).  Do you have the Default Account setting there, and if so, what is selected as your default account?

Maybe you are looking for

  • Dynamic Receiver file name in AS2 adapter

    Hi Experts, How to get dynamic receiver file name in AS2 adapter. We need receiver file name same as of sender file name. We tried selecting dynamic attributes file name but we are getting followin error in CC. Message processing failed. Cause: javax

  • Sending Smart form to Printer  in SRM

    Hi All, I am trying to send a smartform to Printer in SRM ITS. I gave output options and control parameters . When i see the Print dialog box i dont see the Front end printers in that. Normally when we pass  LOCL we should see default printer in Prin

  • Connecting MacBook to G5

    Hi, Not sure this is the right area, but it's related to display problem on my G5. Upon powering up (OS X never boots), I get nothing but a black screen and loud fan- I've tried an SMU reset...nothing has worked. Before it goes in for repair, I'd lik

  • Connecting ipod directly to amp in car

    i was wondering if connecting my ipod directly to the amp in my car using a cable with rca plugs on one end and a headphone jack on the other would create any problems for my ipod... anyone know?

  • Importing .mpg files

    Is it possible to import .mpg or MPEG files into iMovie '08? I can open and view the files in Quicktime. If it's not possible to import into iMovie, is there a way to burn a DVD of the video in Quicktime? Thanks!