Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
When creating the IP pools for vpn in secure access, you have to configure 2 pools for each region - an endpoint pool and a management pool. The endpoint pool is obvious and is the pool of ip addresses that will be assigned to the vpn users when the...
I have been reading up on the documentation for SAN port-security and auto-learn. In the documentation, it seems to be contradictory or I am understanding. https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/san_switching/b_Cisco_...
Ok, I have read over the documentation multiple times on service insertion and I cant seem to find a good explanation for the internal packet flow with an ACI service insertion with a L2/transparent firewall. So, specifically, Im looking the solution...
I believe I understand the basic differences between using SD-Access transit and using ip transit between different fabric sites. One of the big benefits of SD-Access transit is the preservation of SGT tagging between sites. This is where Im a littl...
In ACI discussions, its always mentioned that BDs are NOT VLANS. The most common argument are that vlans equated to one subnet and thus since you can have multiple subnets in a bridge domain, they are therefore not the same as vlans. However, in t...
touche...i stand corrected... wasnt necessarily aware of this similar labeling on ASA... . I have heard of the feature from a general standpoint but never used it and/or realized this was the feature name necessarily... appreciate the response...
Thank you. However, (and this isnt directed at you) but
One I wish from a design/GUI standpoint, they would have named it more intuitively (machine based, non-user based IP pool). Management pools are completely different contexts in most other p...
Thanks @6askorobogatov . However, that is more high level and more in relation to ACI with the service insertion and traffic redirect. Im looking for more of the specifics after configuring the redirect.. the exact packet flow within ACI and how it...
Thanks everyone for the clarity and the actual details have helped a lot. However, I dont think we are getting to the heart of my question. It seems one of the main goals for the SD-access method was to allow the SGT to be preserved across the tran...
