12-12-2023 01:02 AM
Hi All,
I just want to check on the SDA Wireless AP communication in underlay. we are using Infra (default) vrf for AP subnet and due to our undelay infra design, we have asymmetric routing from Wireless AP subnet to service subnets (DNAC, DHCP, DNS etc). As i know AP need to communicate with DHCP server to get the IP address. other than the DHCP communication, do we need any other communication from AP to any other services? do we need AP need to communicate with DNAC? especially I am looking for any TCP traffic from AP which block by firewall because of asymmetric routing.
Solved! Go to Solution.
12-12-2023 07:33 AM
Hello,
Don't think asymmetric routing will be an issue here. If you have two NGFWs on site, typically one will be active and the other will be passive, so all traffic should flow through a single NGFW anyway.
As for ports, all is documented in the Catalyst Center Install and upgrade guides.
In the embedded link above, you can go to table 7 & 8.
Hope that helps.
Regards, P.
12-12-2023 07:33 AM
Hello,
Don't think asymmetric routing will be an issue here. If you have two NGFWs on site, typically one will be active and the other will be passive, so all traffic should flow through a single NGFW anyway.
As for ports, all is documented in the Catalyst Center Install and upgrade guides.
In the embedded link above, you can go to table 7 & 8.
Hope that helps.
Regards, P.
12-12-2023 06:07 PM
@PabMar thanks for your reply. the link is very helpful.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide