About weylin.piegorsch

weylin.piegorsch · 03-18-2025

I'm having trouble figuring this out from the configuration guide, and ChatGPT is giving me answer that I'm questioning.I have an ASA (technically a FPR in ASA-only mode) on v9.20. I'm running AnyConnect, but I want to have two groups that each forw...

weylin.piegorsch · 10-27-2024

On the ACI side, how do I configure things so that all leafs (border or non-border) choose one border leaf for all packets, with automatic failover to the other border leaf?I have two locations, one with Catalyst 9500 routers and the other as ACI. I...

weylin.piegorsch · 10-24-2024

I think I need assistance understanding the nuance of bi-directional subjects.We're doing a brownfield->greenfield migration. My securtity team requires me to block TFTP for all EPG-to-everywhere, except for specifically authorized exceptions; thank...

weylin.piegorsch · 10-24-2024

Can anyone share either a config or a link to a working Cascading Context example?

weylin.piegorsch · 09-19-2024

For simplictiy, I'll refer here to L3out External EPGs by their external subnets, and I'm only asking about external subnets.What I'm concerned about is if I start with a contract that permits all traffic from ExtEPG_0.0.0.0/0 to some EPG1, and 2yr l...

weylin.piegorsch · 03-19-2025

I'll broach the DHCP question with management, but externalizing the address assignment has been a disagreeable approach in the past.

weylin.piegorsch · 03-19-2025

I'll broach the DHCP question with management, but that's been a disagreeable approach in the past.PBR isn't for traffic steering for different ISPs, it's just for traffic steering.In my use case, I need to drop traffic into different VRFs, from the ...

weylin.piegorsch · 03-18-2025

I think this is enough to highlight what I'm asking about. Webvpn is enabled on outside. Anything VPN group "group2" (regardless of destination) should get a source address of group2-pool, and set next-hop address of 10.2.0.1 via inside-group2. Any...

weylin.piegorsch · 03-17-2025

Guidance here is to use a crash cart KVM (or Intersight), not the serial port. I don't know about UCS generally. But APIC uses a UCS C-series chassis, and is not able to use the serial port unless explicitly configured for that.

weylin.piegorsch · 01-24-2025

Thank you @Sergiu.Daniluk. I was finally able to build a suitable lab environment to do the testing, and it worked perfectly. I wish I could mark this as a second solution.

Member Since	‎02-05-2015 06:46 AM
Date Last Visited	‎01-28-2025 01:42 AM
Posts	127
Total Helpful Votes Received	118

User Statistics

User Activity

PBR with AnyConnect

Border Leaf - Prefer One of Two

Bidirectional ACI Contracts

ASA Cascading Contexts Example

ACI L3out Multiple ExtEPG vs Contracts

Re: PBR with AnyConnect

Re: PBR with AnyConnect

Re: PBR with AnyConnect

Re: CIMC reset password

Re: ACI static route clarity