Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1130
Views
0
Helpful
0
Replies

ACI PBR (Inter-Tenant configuration)- Two arm mode with one user tenant ABC + shared L3Out in common tenant

ndhan302
Level 1
Level 1

‎04-26-2020 06:12 AM

Objective

The PBR Traffic from Web EPG (from User tenant-ABC) should go via Service BD (Internal) and via Service BD (External) and reach Shared L3out in Common Tenant for Internet access

Refer attachment for Topology

Configuration

  1. ASAV is the FW used in this topology and mapped to Tenant-ABC

E1 interface is Internal

E2 interface is External

Note:E1 and E2 interfaces are mapped to Service BD along with the mac address of ASAv

  1. L4L7 deivce is configured as unmanaged mode in under Tenant-ABC
  2. Service BD (Inside BD and outside BD) configured in Tenant ABC
  3. One L3out is created in common tenant for external services access like Internet etc
  4. Service Graph is created in Tenant-ABC
  5. When we deploy Service Graph with Two-arm, selecting inside as consumer and outside as provider (Flow-2

Result:

              After deploying the service graph, we are unable to ping FW external interface from ACI

would like to understand on the inter-tenant VRF leaking using PBR configuration(Two-arm)

Labels:
Preview file
60 KB
0 Helpful
0 Replies 0
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License