04-23-2024 02:03 PM
Do all VNs from a SDA border node need to the same fusion device? We would like to take our Corporate traffic and fuse that to our GRT with a Nexus switch. We'd like to take our IOT and Guest VNs and run them through a firewall for policy and inspection. Is there any restrictions to sending traffic from separate VNs to different Fusion devices?
Solved! Go to Solution.
04-24-2024 11:06 PM
Hi, all L3VNs do not need to route through same fusion devices, that is not a requirement. You can handoff different Layer 3 Virtual Networks to different external routing domains. For example, you can create IP-Transit-1 for Nexus and IP-Transit-2 for firewall. Then connect both IPT1 and IPT2 to a Border Node and enable only your desired Layer 3 Virtual Networks in each IP Transit. Best regards, Jerome
04-23-2024 10:07 PM
i guess this will address your Q Guide to choosing SD-Access (SDA) Border roles in Cisco DNAC 1.3 - Cisco Community
04-24-2024 11:06 PM
Hi, all L3VNs do not need to route through same fusion devices, that is not a requirement. You can handoff different Layer 3 Virtual Networks to different external routing domains. For example, you can create IP-Transit-1 for Nexus and IP-Transit-2 for firewall. Then connect both IPT1 and IPT2 to a Border Node and enable only your desired Layer 3 Virtual Networks in each IP Transit. Best regards, Jerome
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide