Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
831
Views
2
Helpful
8
Replies

Static route on Cisco SDA Border switch

Kaneki007
Level 1
Level 1

‎05-29-2023 12:46 PM

Hello all,

I'm new to Cisco SD-ACCESS technology, and i have to migrate two 2 and 2 firewalls to the SDA Fabric on the border switch, the two routers are connected to the traditionnal campus with BGP, but the 2 firewalls have only static routes, i'm wondering how should i connect them to the fabric? For the two routers i understand i can use L3handoff but for the firewalls how can i add static routes on the border to reach specific subnets behind these firewalls ?

Labels:
0 Helpful
8 Replies 8

Flavio Miranda
VIP
VIP

‎05-29-2023 01:08 PM

Hi

 It shouldn´t be a problem either with green field or brown field SDA. You can take a look here

https://www.cisco.com/c/en/us/td/docs/cloud-systems-management/network-automation-and-management/dna-center/tech_notes/b_dnac_sda_lan_automation_deployment.html#id_92010

 

0 Helpful

Kaneki007
Level 1
Level 1
In response to Flavio Miranda

‎05-29-2023 01:22 PM

On this article they show how to add static route on the DNA itself, but in my case The 2 firewalls will be connected to the border switch, so i want to create a simple L3 routed link and add static routes for specific subnets on the border switch 

Flavio Miranda
VIP
VIP
In response to Kaneki007

‎05-29-2023 02:27 PM

I added the wrong link, sorry.  Let me find here and I will share. 

 

0 Helpful

Kaneki007
Level 1
Level 1
In response to Flavio Miranda

‎05-29-2023 02:37 PM

Okay thank you i appreciate it 

0 Helpful

Flavio Miranda
VIP
VIP
In response to Kaneki007

‎05-29-2023 03:57 PM

Here it. It is a vídeo actually. But the scenario seems to be similar to yours

https://m.youtube.com/watch?v=KPSWLnNvBpQ&feature=youtu.be#bottom-sheet 

0 Helpful

jalejand
Cisco Employee
Cisco Employee

‎05-31-2023 10:40 AM

If the firewall cannot support BGP, still configure the L3 handoffs/IP Transit in the Borders, this will configure both BGP and SVI configuration; use it to create the L3 interfaces between the Border and Firewall.

With these created, you can just use static routes in the Firewall to point to the interfaces created by the L3 Handoff/IP Transit feature.

Of course, using BGP will give you the advantage of importing specific prefixes into LISP and do dynamic routing, but static can do the job too.

0 Helpful

Kaneki007
Level 1
Level 1
In response to jalejand

‎05-31-2023 02:16 PM

How can i add static routes on the border from the DNAC please? 

0 Helpful

andy!doesnt!like!uucp
Spotlight
Spotlight
In response to Kaneki007

‎05-31-2023 10:23 PM

u must use network templates for this.

Customers Also Viewed These Support Documents