cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
235
Views
0
Helpful
3
Replies
Highlighted

Accessing one-armed PBR node via the PBR interface

Hi community,

 

Recently deployed an FTD pair in one-armed mode. Despite pingable from the service leaf, and the BD associated with the L3out with its subnet Advertised Externally, when I tried to ping from outside of the L3out to the PBR node it's inaccessible.

 

That'sreally fine for FTD since it's managed via another interface. Now I'm about to migrate a CheckPoint from the old network, after that there would only be one sub-interface left on the CheckPoint. Would there be anyway that I can access the CheckPoint for management in this topology?

 

Thanksa lot.

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Rising star

Re: Accessing one-armed PBR node via the PBR interface

Hi @tuanquangnguyen 

Is the L3Out consumer/provider of the SG? If yes, do you have "Direct Connect" option enabled? This setting, when enabled in the service graph, enables communication (individually):

  • from the consumer EPG to the consumer connector of the PBR node
  • from the provider EPG to the provider connector of the PBR node

For additional details about this option can be found in the ACI PBR white paper: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739971.html 

 

Regards,

Sergiu

View solution in original post

3 REPLIES 3
Highlighted
Rising star

Re: Accessing one-armed PBR node via the PBR interface

Hi @tuanquangnguyen 

Is the L3Out consumer/provider of the SG? If yes, do you have "Direct Connect" option enabled? This setting, when enabled in the service graph, enables communication (individually):

  • from the consumer EPG to the consumer connector of the PBR node
  • from the provider EPG to the provider connector of the PBR node

For additional details about this option can be found in the ACI PBR white paper: https://www.cisco.com/c/en/us/solutions/collateral/data-center-virtualization/application-centric-infrastructure/white-paper-c11-739971.html 

 

Regards,

Sergiu

View solution in original post

Highlighted

Re: Accessing one-armed PBR node via the PBR interface

That did the trick.

Thanks for your help @msdaniluk
Highlighted
Rising star

Re: Accessing one-armed PBR node via the PBR interface

With pleasure! Happy to hear that it's all good now ^_^

 

Cheers,

Sergiu