In a production environment, the ACE has to validate the client certificate, based on the CN present in the certificate. As far as I knowm the ACE is only able to validate a client certificate, based on the expiration date and a possible revocation list. Is it possible to identify the client in another way ? We want to only accept client certificates of specific clients or, issued by a specific CA...
Is there any solution for that ? It seems that competition products allow it...
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...