Troubleshooting guide

ManualsBrandsCisco ManualsComputer equipmentWide Area Virtualization Engine 274

261

262

263

264

265

266

267

268

269

270

1-3

Cisco Wide Area Application Services Configuration Guide

OL-26579-01

Chapter 1 Creating and Managing IP Access Control Lists for WAAS Devices

Creating and Managing IP ACLs for WAAS Devices

• Each WAAS Central Manager device can manage up to 50 IP ACLs and a total of 500 conditions

per device.

• When the IP ACL name is numeric, numbers 1 through 99 denote standard IP ACLs and numbers

100 through 199 denote extended IP ACLs. IP ACL names that begin with a number cannot contain

nonnumeric characters.

• The WAAS Central Manager GUI allows the association of standard IP ACLs with SNMP and

WCCP. Any device that attempts to access one of these applications associated with an ACL must

be on the list of trusted devices to be allowed access.

• You can associate any previously configured standard IP ACL with SNMP and WCCP; however, you

can associate an extended IP ACL only with the WCCP application.

• You can delete an IP ACL, including all conditions and associations with network interfaces and

applications, or you can delete only the IP ACL conditions. Deleting all conditions allows you to

change the IP ACL type if you choose to do so. The IP ACL entry continues to appear in the IP ACL

listing; however, it is in effect nonexistent.

• If you specify an empty ACL for any of the ACL types used by WAAS, it has the effect of permitting

all traffic.

To use the WAAS Central Manager GUI to create and modify an IP ACL for a single WAE, associate an

IP ACL with an application, and then apply it to an interface on the WAE, follow these steps:

Step 1 From the WAAS Central Manager menu, choose Devices > device-name.

Step 2 Choose Configure > Network > TCP/IP Settings > IP ACL.

The IP ACL window appears. By default, there are no IP ACLs defined for a WAE. The IP ACL window

indicates if there are currently no IP ACLs configured for the WAE.

Step 3 In the taskbar, click the Create a new IP ACL icon.

The Creating New IP ACL window appears. Fill in the fields as follows:

• In the Name field, enter a name (for example, test1), observing the naming rules for IP ACLs.

By default, this new IP ACL is created as a standard ACL.

Note IP ACL names must be unique within the device, must be limited to 30 characters, and

cannot contain any white spaces or special characters.

• If you want to change this default setting and create this new ACL as an extended ACL, choose

Extended from the ACL Type drop-down list.

Step 4 Click Submit to save the IP ACL named test1. IP ACLs without any conditions defined do not appear

on the individual devices.

Step 5 Add conditions to the standard IP ACL named test1 that you just created:

a. In the taskbar, click the Create New Condition icon.

The Creating New Condition window appears. (See Figure 1-1.)

Note The number of available fields for creating IP ACL conditions depends on the type of IP

ACL that you have created, either standard or extended.