I have configured ACE in bridged mode. Connection to VIP from the client to the server VLAN is happening. But any connection to VIP from the server itself in the same server VLAN is failing as CON_CLOSE. Is SNAT required in bridged mode.
Other than the above, I am experiencing an issue with SSL. I have configured ssl-proxy on the policy-map for VIP eq 443 on server side vlan 'only'. However, I can see that from the servers in the Server vlan, accessing the VIP URL via http (80) prompts for the SSL certificate.
Can this happen ? Can a misconfiguration on ACE cause this (may be multi-match policy for server side vlan) ? Or even a misconfiguration on the server. The SSL is terminated on the ACE.
The application team requires https on server vlan as well.
I have checked my configs. Hitting port 80 on VIP prompts with the cert. Strange..... Please see below. Is ever it possible that the application server somehow replies to the client to resend the request on port 443 instead of 80 which throws up the cert from ACE. Other than that it is difficult to understand how can this happen.
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...