Buy or Renew
Buy or Renew
NOTICE: The community will be in READ-ONLY Sept. 6 – 9 to add Umbrella release notes and announcements. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
587
Views
0
Helpful
0
Replies

Cisco ACI with sub-interface on remote ASA

Kayce Desai
Level 1
Level 1

‎08-30-2017 05:53 PM - edited ‎02-21-2020 06:15 AM

What is the best way to deploy Cisco ACI with ASA on multiple sub-interface.

 

For example in our traditional network

We have Core switch that works as L2 & L3 for the network. It has Layer 2 trunk (with all allowed vlan for sub-interface) connecting to the border ASA and  ASA is configured with multiple SUB interface for different network behind the firewall including one internal network for Default route ( outgoing internet )

Core switch has layer 2 coz we have some VM that are part of the one or more sub-interface on ASA it does layer 2 through switch with in same subnet & gateway being the ASA sub-interface.

 

What will be the best way to replicate this setup  on ACI ?

My first thought was to  move internal network to different interface on ASA & configure it as l3out with default route for the network & create one new EPG – L2 (without ip subnet) with all Vlan in vlan pool for the existing sub – interface & add static bind to the trunk going to ASA.

 

Is there any other better way to do this ..

Labels:
Preview file
33 KB
Preview file
33 KB
Preview file
33 KB
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card