Hello, I'm installing an Office365 + Microsoft Dynamics PoC in a client, so far I've done everything as the "book" says but I still cant see any optimization.
My topology is as follows: We moved the Steelhead after the FW because the NAT was giving us too much trouble(because of the way it was configured, separed IPs for VLAN steelhead, VLAN users)
LAN---SW--------Firewall (HSRP)----Client Steelhead ---Internet---Cloud Portal---Office365, Microsoft Dynamics.
The Steelhead is properly registered in the Cloud Portal.
The certificates where created and installed in the clients (CA cloud hosted), the proxy certificates for each aplication are activated. (see attached)
Here you can see some logs:
SH-D # show service cloud-accel
Service Ready: Yes
Reason: Data retrieved successfully from Portal. (Fri Sep 2 19:04:13 2016)
Last Contact: Fri Sep 2 19:04:13 2016
Portal: cloudportal.riverbed.com:443 (HTTPS)
Spill-over Policy: Disabled
Redirect RiOS PT Policy: Enabled
SH-D # show service cloud-accel access
Refresh period: 1200 seconds
Portal cert checking: Enabled
Customer ESH ID: 401527 (1469634647)
Entitlement Code: JZB7rEh1W4jxq2FWDZqAS80wQqti5UlU (1465948265)
Akamai Customer ID: 477173 (1472851892)
SaaS data version: 9666a6c1501057f08e44428b8da383cfdf6d18d6
Cert uploaded: Yes
I see this log, but I couldn't find it anywhere:
Sep 2 17:31:40 SH-D rscored: [ocd.nwutils.NOTICE] Refreshing resolver cache
Sep 2 17:31:40 SH-D rscored: [ocd.auth_helper.WARNING] Error in message from riverbedcmc for server riverbedcmc failed due to HTTPSConnectionPool(host='riverbedcmc', port=443): Max retries exceeded with url: /api/cmc.auth/1.0/certificate (Caused by <class 'socket.gaierror'>: [Errno -2] Name or service not known)
Sep 2 17:31:40 SH-D rscored: [ocd.auth_helper.WARNING] Creating a server connection to riverbedcmc failed due to HTTPSConnectionPool(host='riverbedcmc', port=443): Max retries exceeded with url: /api/cmc.auth/1.0/certificate (Caused by <class 'socket.gaierror'>: [Errno -2] Name or service not known)
But so far we don't see any connection optimizing, and I see the message in every fail connection:
Passthrought Reason: No Steelhead on path to server
I need to solve this and make it work ASAP.
In case this is only a problem of asymetric routing, how can I solve it? should I change the topology?