Troubleshooting guide
1-43
Cisco Wide Area Application Services Configuration Guide
OL-26579-01
Chapter 1 Configuring Application Acceleration
Enabling and Disabling the Global Optimization Features
Note Both Mozilla Firefox and Internet Explorer support SSLv3 and TLSv1 protocols, however
TLSv1 may not be enabled by default. Therefore, you need to enable it in your browser.
Configuring ciphers or protocols that are not supported in your browser will result in connection
loss between the browser and the Central Manager. If this occurs, configure the Central Manager
management service SSL settings to the default in the CLI to restore the connection.
Some browsers, such as Internet Explorer, do not correctly handle a change of SSL version and
cipher settings on the Central Manager, which can result in the browser showing an error page
after submitting changes. If this occurs, reload the page.
Step 4 In the Cipher List pane, choose a list of cipher suites to be used for SSL acceleration. See the “Working
with Cipher Lists” section on page 1-35 for additional information.
Configuring SSL Peering Service
SSL peering service configuration parameters control secure communications established by the SSL
accelerator between WAE devices while optimizing SSL connections (see Figure 1-14 on page 1-30).
The peering service certificate and private key is unique for each WAAS device and can only be
configured for individual devices, not device groups.
To configure SSL peering service, follow these steps:
Step 1 From the WAAS Central Manager menu, choose Devices > device-name.
Step 2 Choose Configure > Security > Peering Service.
The Peering Service window appears (see Figure 1-27).
Note For a WAAS Express device, the Peering Service window shows a subset of the fields in the
standard Peering Service window in a slightly different format.
Cipher list Priority setting and Disable revocation check of peer certificates option are not
applicable to WAAS Express.
rsa-with-rc4-128-md5 Supported Supported
dhe-rsa-with-des-cbc-sha Not Supported Not enabled by default
rsa-export1024-with-rc4-56-sha Supported Not enabled by default
rsa-export1024-with-des-cbc-sha Supported Not enabled by default
dhe-rsa-export-with-des40-cbc-sha Not Supported Not Supported
rsa-export-with-des40-cbc-sha Not Supported Not Supported
rsa-export-with-rc4-40-md5 Supported Supported
Table 1-3 Cipher Lists Supported with Internet Explorer and Mozilla Firefox
Cipher Internet Explorer Firefox