Hi,
I need help with Cisco ACI labels that apply to vzany. My customer have a vrf with 120 ESGs and two External EPGs (EEPG-1 and EEPG-2) and service graph for Firewall insertion in PBR, the requirements are
- All traffic between the ESGs and with EEPG-1 must be redirected to Firewall. This can be solved applying a contract in vzany with the firewall redirection service graph in a subject with "permit ip" filter.
- All traffic betwenn the ESGs and EEPG-1 to and from EEPG-2 must be allowed and routed (no firewall redirection). I have tried with contract exception, but vzany do not support it, so I thinks that my only chance is with EPG or subject labels but I dont find documentation for use them with vzany.
Any ideas?.
Regards.