Buy or Renew
Buy or Renew
COMING SOON: Umbrella and Secure Access release notes are coming to Cisco Community. The community will be in read-only August 16 – 19. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1932
Views
0
Helpful
4
Replies

Nexus Dashboard Communication with APIC for NDO Operations

Go to solution
dan.laden
Level 1
Level 1

‎04-06-2022 04:24 PM

Looking to have Nexus Dashboard to be outside a firewall and need to allow rules to allow Nexus Dashboard Orchestrator  to communicate with the OOB APIC IP address.

 

https://www.cisco.com/c/en/us/td/docs/dcn/nd/2x/deployment/cisco-nexus-dashboard-deployment-guide-211/nd-deploy-overview-21x.html

 

The ports mentions inband of apic and switch.  Is this focused on network insight or ndo or both or other? Does ND for NDO need kafka and kms access to the fabric?  Does ND for NDO need ssh access to the ACI fabric?

 

Thank You.

 

 

In the doc, the next table is labeled for nexus insights.  Is there a table somewhere for NDO.

 

 

 

Labels:
Preview file
77 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎04-07-2022 12:24 AM

Hi @dan.laden 

Communication between APICs and MSO (NDO) is only using TCP 80/443 for APIC REST API.

 

You can use this installation guide for reference: https://www.cisco.com/c/en/us/td/docs/dcn/mso/3x/installation/cisco-aci-multi-site-installation-upgrade-guide-311/mso-deploy-install-overview-31x.html 

I know it's for the old standalone MSO, but the communication with APIC doesn't change.

 

Stay safe,

Sergiu

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni

‎04-07-2022 12:24 AM

Hi @dan.laden 

Communication between APICs and MSO (NDO) is only using TCP 80/443 for APIC REST API.

 

You can use this installation guide for reference: https://www.cisco.com/c/en/us/td/docs/dcn/mso/3x/installation/cisco-aci-multi-site-installation-upgrade-guide-311/mso-deploy-install-overview-31x.html 

I know it's for the old standalone MSO, but the communication with APIC doesn't change.

 

Stay safe,

Sergiu

0 Helpful

Go to solution
dan.laden
Level 1
Level 1
In response to Sergiu.Daniluk

‎04-07-2022 09:19 AM

seems to be working with just 443 where you have listed 80/443. is there a particular condition where port 80 is required?  

when i look a the pod management access policy...http access is disabled, redirect is disabled.

0 Helpful

Go to solution
Sergiu.Daniluk
VIP Alumni
VIP Alumni
In response to dan.laden

‎04-07-2022 09:04 PM

If you have http enabled on your APIC and you want to use http instead of https to connect MSO to APIC, then I guess that would be the condition when port 80 is used.

 

0 Helpful

Go to solution
dan.laden
Level 1
Level 1

‎04-07-2022 09:18 AM - edited ‎04-07-2022 09:20 AM

 ..deleted...

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License