CSS - Inbound (WebServer) request to Outbound content
Is there any simple way of using the Load Balancer (CSS) to accept Inbound Request's to a Content Rule from Server used by another Content Rule ?
I have Content Rule "WebServer", with Server1, Server2, and Server3.
Each one of this servers is getting information from one other server (ServerX). This information is taken inside the ServerLan.
Beside this ServerX has a Content Rule "XXX" for outside Requests, now that we want to add another Service (ServerY) for this content, we had thought that Server1, Server2 and Server3, should get the information by the Content Rule "XXX", instead the ServerX directly.
Re: CSS - Inbound (WebServer) request to Outbound content
There should be no limitations regarding this. Server initiating a connection should be seen as any other client for that XXX content rule.
As a first step, you shoud redirect Server1, Server2 and Server3, to access the VIP address of the Content Rule "XXX", instead the ServerX directly.
I think source groups are not necessary, unles for example, all servers reside in the same subnet. In that case you would have the problem to force return direction of the traffic form serverX to server1 to go trough the CSS. (CSS shoud see both traffic directions to work regularly)
I believe you can use source groups to perform source NAT of Server1 address in that case. (The goal is to make ServerX to return traffic to some address which is routed over CSS.)
If servers 1,2,3 and servers X,Y are by default in different subnets, routed over CSS, you should have no problem for server-to-server load-balancing, and do not need source groups (ServerX can safely see Server1 real address in that case).
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...