Cisco Community
English
Register
Certain Solid State Drives (SSD) modules will stop functioning at 40,000 power-on hours (~4.5 years) if firmware is not updated. REVIEW UPGRADE DETAILS HERE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

323
Views
0
Helpful
0
Replies
Justin Westover
Beginner
Beginner
‎11-24-2014 09:57 PM
‎11-24-2014 09:57 PM

Extend L2 using OTV with Stateful firewalls as gateways

I have an OTV design related question.  We currently use Cisco ASA firewalls as the L3 gateways between our different web and application and database tiers and several other tiers. We are now beginning to look into an extended L2 datacenter design where we extend our L2 domains over our current DCI using a technology such as OTV. Has anyone seen or heard of an OTV deployment where the LANs being extended over the overlay had a gateway of an ASA firewall? The problem I see with this is if two or more datacenters share the same IP as the gateway the clients use (on the firewalls) and a VM migrates from one DC to the other, the firewall at the other datacenter won't have a state table from the VM and drop any existing traffic the VM had going. The only solution I see around this is clustering the ASAs so they share state tables. I was also curious if anyone has seen this work with transparent firewalls where the gateway now lives on a different device other than the ASA such as the Nexus switch itself on an SVI. Any guidance here would be appreciated. Thanks 

Labels:
1 person had this problem
0 Helpful
0 REPLIES 0
Latest Contents
ACI Upgrade Tools and Best Practices
Created by lindawa on 10-07-2021 04:45 AM
0
0
0
0
We delivered a partner enablement training session in September 2021 to share the ACI upgrade Best Practices.  The slide deck is enclosed here for wider audience in the community, it provides more details in terms of the best practices, tools and co... view more
Cisco ACI Ask the Experts FAQ: Distributed Networking
Created by ansuri on 09-27-2021 03:07 AM
0
5
0
5
What is Cisco ACI Anywhere?What are ACI connectivity options for managing Primary On-Prem DCs?What are ACI options for extending your Data center to secondary remote locations (Physical)?How ACI provides centralized network policy framework for workloads ... view more
Join our Newly Named Cloud Networking Community @CCP!!
Created by jviherva on 09-02-2021 04:53 PM
0
5
0
5
Cloud Networking Community on Cisco Customer Connection   Join our community!! As a valued Cisco Cloud Networking (former DCN) customer, you can be part of Cisco Customer Connection Program (CCP), Cisco’s global online community program. Connect ... view more
Webinar - Simplify Orchestration of Your Infrastructure and ...
Created by movaswan on 09-01-2021 02:47 PM
0
0
0
0
Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simplify the orchestration and automation of your infrastructure and workloads across your hybrid cloud environment. We will take a closer look at Cisco Intersight Cloud O... view more
Simplify Orchestration of Your Infrastructure and Workloads
Created by gajewell on 08-12-2021 03:55 PM
0
0
0
0
Hybrid Cloud Demo Series: Simplify Orchestration of Your Infrastructure and Workloads Tuesday, September 7, 202110:00 am Pacific Time(San Francisco, GMT-08:00)Join us for a live demo of Cisco Intersight Cloud Orchestrator to learn how you can simpli... view more
Ask a Question
Create
+ Discussion
+ Blog
+ Document
+ Event
+ Video
+ Project Story
Find more resources
Discussions
Blogs
Documents
Events
Videos
Project Gallery
New Community Member Guide
Recognize Your Peers
Spotlight Award Nomination
Content for Community-Ad