Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1086
Views
0
Helpful
1
Replies

L3out - Multisite (FW active/standby)

FedeGaibrel
Level 1
Level 1

‎02-14-2020 09:55 AM

Hello team! How are you? I've been trying to find information on how connect two l3outs in a multisite scenario.

He have site 1 and site 2. In site 1 we have the active FW and the site 2 has the passive fw. Until now, the dg are in the Checkpoint, so our vlans reach it by a l2outs. Also we have all vlans in streched BD across the sites.

So now we need to move those default gateways to ACI and create the l3outs(static routing) as i mentioned above. I don´t know if i can create two l3outs in each site with a extended external EPG across sites. Is it supported? i couldn´t find a explanation about it, except  with services nodes integration, that it says there is a limitation support.

 

Thanks!

Labels:
0 Helpful
1 Reply 1

richmond
Level 1
Level 1

‎02-17-2020 05:30 PM

It looks like this is supported from 4.2.1 and later. It requires you to set up a separate L3Out in each site and use Inter-Site L3Out support which was introduce in 4.2.

 

See here, page 115 through to 139 : https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2020/pdf/BRKACI-2125.pdf

 

I'm not sure on the encapsulation scope in the L3 Outs of each site so the firewalls see each other in the segment that they peer to ACI on. I'd try setting it from local to VRF, but I haven't seen anything stating that it will work across sites.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents

Save 25% on Day-2 Operations Add-On License