Re: CSM/SCA -- XML Inspection and Certificate delivery
No device in the world can do what you're looking for in point #2 and #3.
The reason is that to see the XML data, you need to decrypt the traffic and to decryt the traffic you first need to terminate the SSL connection and to terminate the connection you need to know the certificate.
So, you can't use XML data to select the certificate.
This is no hardware/software limitation but just how SSL has been designed.
Point #4 is ok, you can use the tcp port to determine which server to use in the backend.
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...