Specifications
3-276
Cisco Wide Area Application Services Command Reference
OL-11817-01
Chapter 3 CLI Commands
(config) central-manager
If you change the WAAS Central Manager GUI port number, the Centralized Management System
(CMS) service is automatically restarted on the WAAS Central Manager if the cms service has been
enabled on the WAAS Central Manager by entering the cms enable global configuration command on
the WAAS Central Manager.
Configuring Devices Inside a NAT
In a WAAS network, there are two methods for a WAAS device that is registered with the WAAS Central
Manager (WAEs or a standby WAAS Central Manager) to obtain configuration information from the
primary WAAS Central Manager. The primary method is for the device to periodically poll the primary
WAAS Central Manager on port 443 to request a configuration update. You cannot configure this port
number. The backup method is when the WAAS Central Manager pushes configuration updates to a
registered device as soon as possible by issuing a notification to the registered device on port 443. This
method allows changes to take effect in a timelier manner. You cannot configure this port number even
when the backup method is being used. WAAS networks do not work reliably if devices registered with
the WAAS Central Manager are unable to poll the WAAS Central Manager for configuration updates.
All of the above methods become complex in the presence of Network Address Translation (NAT)
firewalls. When a WAAS device (WAEs at the edge of the network and the primary or standby WAAS
Central Managers) is inside a NAT firewall, those devices that are inside the same NAT use one IP
address (the inside local IP address) to access the device, and those devices that are outside the NAT use
a different IP address (the inside global IP address) to access the device. A centrally managed device
advertises only its inside local IP address to the WAAS Central Manager. All other devices inside the
NAT use the inside local IP address to contact the centrally managed device that resides inside the NAT.
A device that is not inside the same NAT as the centrally managed device is not able to contact it without
special configuration.
If the primary WAAS Central Manager is inside a NAT, you can allow a device outside the NAT to poll
it for getUpdate requests by configuring a static translation (inside global IP address) for the WAAS
Central Manager’s inside local IP address on its NAT, and using this address, rather than the WAAS
Central Manager’s inside local IP address, in the central-manager address ip-address global
configuration command when you register the device to the WAAS Central Manager. If a WAAS device
is inside a NAT and the WAAS Central Manager is outside the NAT, you can allow the WAAS device to
poll for getUpdate requests by configuring a static translation (inside global IP address) for the WAAS
device’s inside local address on its NAT and specifying this address in the Use IP Address field under
the NAT Configuration heading in the Device Activation window.
Note Static translation establishes a one-to-one mapping between your inside local address and an inside
global address. Static translation is useful when a host on the inside must be accessible by a fixed address
from the outside.
Standby WAAS Central Managers
The Cisco WAAS software implements a standby WAAS Central Manager. This process allows you to
maintain a copy of the WAAS network configuration. If the primary WAAS Central Manager fails, the
standby can be used to replace the primary.
For interoperability, when a standby WAAS Central Manager is used, it must be at the same software
version as the primary WAAS Central Manager to maintain the full WAAS Central Manager
configuration. Otherwise, the standby WAAS Central Manager detects this status and does not process
any configuration updates that it receives from the primary WAAS Central Manager until the problem is
corrected.