About tsmarcyes

tsmarcyes · 01-10-2025

When creating the IP pools for vpn in secure access, you have to configure 2 pools for each region - an endpoint pool and a management pool. The endpoint pool is obvious and is the pool of ip addresses that will be assigned to the vpn users when the...

tsmarcyes · 12-16-2021

I have been reading up on the documentation for SAN port-security and auto-learn. In the documentation, it seems to be contradictory or I am understanding. https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus5000/sw/san_switching/b_Cisco_...

tsmarcyes · 01-20-2021

Ok, I have read over the documentation multiple times on service insertion and I cant seem to find a good explanation for the internal packet flow with an ACI service insertion with a L2/transparent firewall. So, specifically, Im looking the solution...

tsmarcyes · 01-19-2021

I believe I understand the basic differences between using SD-Access transit and using ip transit between different fabric sites. One of the big benefits of SD-Access transit is the preservation of SGT tagging between sites. This is where Im a littl...

tsmarcyes · 02-07-2019

In ACI discussions, its always mentioned that BDs are NOT VLANS. The most common argument are that vlans equated to one subnet and thus since you can have multiple subnets in a bridge domain, they are therefore not the same as vlans. However, in t...

tsmarcyes · 01-10-2025

touche...i stand corrected... wasnt necessarily aware of this similar labeling on ASA... . I have heard of the feature from a general standpoint but never used it and/or realized this was the feature name necessarily... appreciate the responses

tsmarcyes · 01-10-2025

Thank you. However, (and this isnt directed at you) but One I wish from a design/GUI standpoint, they would have named it more intuitively (machine based, non-user based IP pool). Management pools are completely different contexts in most other pr...

tsmarcyes · 01-21-2021

Thanks @6askorobogatov . However, that is more high level and more in relation to ACI with the service insertion and traffic redirect. Im looking for more of the specifics after configuring the redirect.. the exact packet flow within ACI and how it...

tsmarcyes · 01-20-2021

Thanks everyone for the clarity and the actual details have helped a lot. However, I dont think we are getting to the heart of my question. It seems one of the main goals for the SD-access method was to allow the SGT to be preserved across the tran...

tsmarcyes · 01-19-2021

But if you do SD access, then you will be adding the Vxlan header anyways.

Member Since	‎05-26-2005 08:26 AM
Date Last Visited	‎03-18-2025 02:34 AM
Posts	134
Total Helpful Votes Received	1

User Statistics

User Activity

Cisco Secure Access - Management IP Pool?

SAN Port-Security and Auto-Learn

Internal Packet Flow with ACI service insertion/graph with transparent firewall

SD-Access Transit vs Ip Transit

ACI BD concept - vlan interface with secondaries?

Re: Cisco Secure Access - Management IP Pool?

Re: Cisco Secure Access - Management IP Pool?

Re: Internal Packet Flow with ACI service insertion/graph with transparent firewall

Re: SD-Access Transit vs Ip Transit

Re: SD-Access Transit vs Ip Transit