Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
857
Views
0
Helpful
1
Replies

Fortinet HA link over Fabric in MultiPod setup.

Gomez
Level 1
Level 1

‎10-21-2021 07:23 AM

Hi,

I have the following questions can we run a HA link of firewall(Fortinet, Palo) over ACI multipod.  Do we need to take any special considerations into account recording the ACI endpoint learning beheaviour?

 

Frederik

 

0 Helpful
1 Reply 1

Robert Burns
Cisco Employee
Cisco Employee

‎10-21-2021 07:31 AM

Yes you will likely need to make VRF/BD-level forwarding configurations based on how the vendor handles A/A or A/S deployments (Same Floating VIP, Virtual MACs etc).   Commonly you may need to disable IP DP learning on the VRF, but in newer ACI versions (5.2) you can disable EP learning against /32 addresses specifically without having to global disable it on the VRF.
Start with finding out how each respective vendor handles HA, then we can advise accordingly.  

Robert 

0 Helpful
Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License