Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1531
Views
0
Helpful
6
Replies

Cloud ACI in AWS

Go to solution
SIMMN
Spotlight
Spotlight

‎04-06-2022 05:53 AM

I have a customer who runs Cisco SD-WAN cloud onramp with AWS already and they are looking to extend ACI into AWS as well. I still do not understand why the SD-WAN can not be used for ACI multi-site inter-site transport between On-prem and AWS...But it is not what I am asking here...

 

When setting up the SD-WAN cloud onramp, there was a transit VPC created to host the sd-wan edge virtual instances. To instantiate Cloud APIC in AWS, the Infra VPC would be created. So my question is can I re-use the existing transit VPC as the infra VPC for Cloud ACI?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Huyen Duong
Cisco Employee
Cisco Employee

‎04-08-2022 10:17 AM

Hi,

As of today, you cannot re-use existing transit VPC for Cloud APIC deployment. Cloud APIC deployment process from AWS marketplace will bring up new Infra VPC.

Thanks

View solution in original post

0 Helpful
6 Replies 6

Go to solution
Huyen Duong
Cisco Employee
Cisco Employee

‎04-08-2022 10:17 AM

Hi,

As of today, you cannot re-use existing transit VPC for Cloud APIC deployment. Cloud APIC deployment process from AWS marketplace will bring up new Infra VPC.

Thanks

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Huyen Duong

‎04-08-2022 10:25 AM

Okey, so I would have to do a VPC peering between Transit VPC and Infra VPC if I need the workloads in the two to communicate, right?

0 Helpful

Go to solution
Huyen Duong
Cisco Employee
Cisco Employee
In response to SIMMN

‎04-08-2022 10:37 AM

Hi, 

Not VPC Peering, as cAPIC will not do VPC peering with un-managed VPC. Pls see this link for reference

https://www.cisco.com/c/en/us/td/docs/dcn/aci/cloud-apic/use-case/configuring-external-connectivity-using-nexus-dashboard-orchestrator/m-configuring-external-connectivity-overview.html

 

In brief, from cAPIC we can create external connectivity using IPSec and BGP to SDWAN edge. Then 2 domains SDWAN and Cloud ACI can talk to each other.

 

Thanks !

0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Huyen Duong

‎04-08-2022 10:49 AM

Thanks for the link! So from a quick glance, it would be just typical ipsec tunnels between Infra and Transit VPCs, just like between Infra and User VPCs, right?

0 Helpful

Go to solution
Huyen Duong
Cisco Employee
Cisco Employee
In response to SIMMN

‎04-08-2022 10:55 AM

Hi
Yes, to be correct it is IPSec between CSR(now is Catalyst 8000V) managed by Cloud APIC and cEdge managed by vManage.

This solution is used to connect Cloud ACI solution to any non-ACI network.
0 Helpful

Go to solution
SIMMN
Spotlight
Spotlight
In response to Huyen Duong

‎04-08-2022 10:56 AM

Thanks!

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card

Save 25% on Day-2 Operations Add-On License