Buy or Renew
Buy or Renew
Cisco DNA Center is now Catalyst Center. New name, same great product. Learn more about Catalyst Center here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1099
Views
0
Helpful
2
Replies

DNA IP adress to internet

Daniel Alberto Rodriguez Quintero
Level 1
Level 1

‎08-30-2021 09:32 AM

Hi everyone, I should permit on my firewall the ip address of the DNA that goes to internet, this process is a little slow so I don´t want to make a mistake.

 

I have a 3 node cluster and only two intefaces per node, the enterprise and the cluster interface.

 

Only with the enterprise ip address should work? Or should I permit the cluster or virtual ip address?

 

Regards!!!

Labels:
0 Helpful
2 Replies 2

rasmus.elmholt
Level 7
Level 7

‎08-30-2021 11:16 AM

Hi Daniel,

 

You only need to allow it from the IP addresses of all 3 nodes Enterprise port, if that is the port you have configured a default gateway on.

The Cluster port is only used for the nodes to talk to each other.

0 Helpful

AkramMordeaa
Level 1
Level 1

‎09-15-2021 05:38 PM

The Cluster IP addressing does not need a default gateway, the 3 members are required to be on the Same VLAN to communicate only,

So in other words only your enterprise Subnets require a default Gateway to access the internet, I would not even create an L3 VLAN for your Cluster 

0 Helpful
Customers Also Viewed These Support Documents