Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3593
Views
5
Helpful
2
Replies

Allow Promiscuous on ACI vDS port-group

mamullen
Cisco Employee
Cisco Employee

‎10-10-2017 06:12 AM - edited ‎03-01-2019 05:21 AM

I have an ASAv connected to port groups that are mapped to EPGs in ACI.  The inside interface of the ASAv is set to the port group which is mapped to the App EPG,  and the outside interface is set to the port group which is mapped to the Web EPG.  The ASAv is running in transparent mode.  I think in order for traffic to flow,  I need to turn on Promiscuous mode on the port-groups that the ASAv is connected to.  When I change the promiscuous setting on the port groups within vCenter to Accept,  it is immediately reverted back to Reject.  I am assuming it is the APIC that is doing this, but I have not been able to find the port group security settings on the APIC.  The online help seems to indicate that the settings should be under the EPG VMM Domain association,  but they are missing.  Where do you set the promiscuous,  forged transmits, and MAC address changes in ACI 3.0(1k)?    

1 person had this problem
Labels:
0 Helpful
2 Replies 2

nvermand
Cisco Employee
Cisco Employee

‎10-11-2017 01:29 PM

It's under the tenant then EPG>Domains. right-click the VMM-Domain and select "edit VMM Association".

Regards,

Nicolas

frank_dux
Level 1
Level 1
In response to nvermand

‎05-04-2018 04:04 AM

Hi,

We use ACI 3.0(1.k) and I don't see this option? Could you please explain in details how to configure Promiscuous Mode?

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License