About Antonio Macia

Antonio Macia · 07-17-2024

Hi,Is it possible to migrate an existing SNA deployment where all the components are virtual to the Data Store architecture?Regards

Antonio Macia · 07-09-2024

Hi,We are in the process of implementing SGT based rules in our FTDs. Our FMC is integrated with ISE successfully and we retrieve SGT information normally.Packets coming from our users network are tagged so the firewall can inspect the SGT and match ...

Antonio Macia · 07-01-2024

Hi,I have a router with dual ISPs and two tunnel interfaces. For ISP load-balancing I use floating default routes. Each tunnel interface uses as the source IP each WAN interface and the HUB's destination IP is the same for both tunnels. My problem is...

Antonio Macia · 06-10-2024

Hi,In the same way that ACI, when integrated with Kubernetes can load balance outside requests to a particular exposed service, is it possible to manually configure ACI for basic L3/L4 load-balancing of regular of servers, announcing the /32 IP to th...

Antonio Macia · 05-16-2024

Hi,I have a router with two WAN interfaces towards to different ISPs. Each ISP is in active/stand-by using floating default routes so, there is only one active default route in the routing table. For the nat I have two NAT overload statements using t...

Antonio Macia · 07-17-2024

Thanks oevranos.I thought that only some versions of the physical appliances could be migrated only.

Antonio Macia · 07-09-2024

Hi Rob,Thanks for your quick reply. Since our users can login from different sources (wired, WIFI and VPN) we cannot rely on any static mappings. I was thinking that FMC would act as SXP listener so everytime a device authenticates into SDA and gets ...

Antonio Macia · 07-06-2024

I just added the "tunnel route-via... mandatory" command and two static route towards the same IP of the HUB using as a next hop the ISP routers. Did tests shutting down each ISP interface, reloading the routers and both tunnel interfaces worked.

Antonio Macia · 07-05-2024

Working perfectly. Thanks!

Antonio Macia · 07-01-2024

Ok, I just realised that this router is no longer participating in DMVPN as some other routers in the customer network does. Apologies. It is in a traditional GRE/IPSec configuration.

Member Since	‎01-18-2010 02:18 PM
Date Last Visited	‎07-23-2024 01:04 AM
Posts	248
Total Helpful Votes Received	31

User Statistics

User Activity

Migration to Data Store

SGT as destination in firewall rule

GRE/IPSec Tunnel not using source interface next hop

Leveraging ACI native load-balancing

Source NAT using wrong outside interface

Re: Migration to Data Store

Re: SGT as destination in firewall rule

Re: GRE/IPSec Tunnel not using source interface next hop

Re: GRE/IPSec Tunnel not using source interface next hop

Re: GRE/IPSec Tunnel not using source interface next hop