cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
315
Views
0
Helpful
3
Replies

Where to configure static route on ACI

Hello! I have a question related to in which switch I have to configure static routes. I have different FW connected to different ACI switches showed in diagram. I have to configure default route to upstream FW and inside route to downstream FW. Need I configure both routes in all switches connected to FW o one route in upstream switches and another route in downstream switches?

Thanks!

3 Replies 3

AshSe
Level 3
Level 3

Hi @Alexandre Semenov , just by seeing your diagram, it looks you have to configure individual static route on each leaf switch.

But before concluding, could you please clarify:

  1. Is there 1 to 1 connectivity between individual switch to individual firewall?
  2. Is there any HA configured in the firewall?
  3. Have you configured L3Out?

Awaiting your response!!

PS: There is a separate community to discuss your ACI queries. I would love to see you there to give to prompt response and you can get responses from many industry experts.

Hello,

 

Yes i have 1 to 1 conection between ACI swicthes and FW and we have SVI as L3OUT because of HA in FW.

 

AshSe
Level 3
Level 3

Hello @Alexandre Semenov 

I wonder with HA on FWs, how can you have 1o1 connection with Leaf switches. Please consider:

  • vPC on Leaf switches, with HA on Firewall.
    • Each leaf switch to be connected to both FWs
  • SVI on leaf switches.
  • Configure a destination route on ACI leaf switches pointing GW to FW HA IP.
  • On primary HA FW configure two same destination routes pointing GW to SVIs of Leaf switches.
    • This will provide redundancy and load balancing

Review Cisco Networking for a $25 gift card