About Antonio Macia

Antonio Macia · 04-25-2025

Hi,We are running a SDA fabric with Trustsec-based enforcement and SGT in place. Our edge nodes generate logs for all the traffic blocked by the TrustSec matrix. Those logs contain src and dst IP + port information. Is it possible to ingest those log...

Antonio Macia · 04-09-2025

Hi,Few questions regarding profiling rules in Catalyst Center:Once a profiling proposed rule is accepted in Catalyst Center, it is not possible to edit it afterwards?What happens if I remove a saved profiling rule originally proposed by Catalyst Cent...

Antonio Macia · 12-29-2024

Hi there,We have configured our Catalyst Center as Netflow Collector destination for Application Visibility and, in addition, Secure Network Analytics for et-analytics. What are the differences between the flows received in both destinations? Are we ...

Antonio Macia · 08-12-2024

Hi,Our FTD 3130 is currently connected to a Catalyst 9407 acting as SDA border node. The link between the Cat9407 and the FTD3130 is a trunk that allows the different VLANs for inter-VN traffic. After running packet captures on the FTD interface I se...

Antonio Macia · 08-01-2024

Hi,Is it possible to have 2 x FMC in HA, one virtual running in VMware on-prem and the stand-by running in AWS?Thx

Antonio Macia · 12-30-2024

Thanks M02@rt37 I will create an additional flow exporter for SNA using a CLI template and apply it to our switches.

Antonio Macia · 12-29-2024

Hi M02@rt37 ,Thanks for the comprehensive explanation. Is there a way to keep sending the same level of detail to SNA and Catalyst Center at the same time? Perhaps a UDP Director o load balancer that might duplicate the flows towards both destination...

Antonio Macia · 08-13-2024

Solved after applying the commands below in all the uplinks on the border nodes. I was missing some interfaces.cts manualpropagate sgtpolicy static sgt 2 trusted

Antonio Macia · 08-01-2024

Thx @MHM Cisco World I also see this in the doc you shared "Both FMC peers are required to have the same capacity or hardware version" so no way of having this setup as I imagined.

Antonio Macia · 07-29-2024

Hi @balaji.bandi Basically I just want to add a bunch of SGT in one shot having them in a group, instead of picking one by one.

Member Since	‎01-18-2010 02:18 PM
Date Last Visited	‎04-25-2025 06:53 AM
Posts	260
Total Helpful Votes Received	32

User Statistics

User Activity

"SGACLHIT" switches logs in SNA

Editing/Merging AI endpoint analytics profiling rules

Difference between Netflows on CatCenter and SNA

FTD not receiving SGT inline

FMC HA between VM and AWS

Re: Difference between Netflows on CatCenter and SNA

Re: Difference between Netflows on CatCenter and SNA

Re: FTD not receiving SGT inline

Re: FMC HA between VM and AWS

Re: SGT groups in FMC