I have a situation where we need a destination nat to happen on ACE for an outbound flow that is redirected into SSLM modules, then coming back to the ACE and forwarded outward. There is a requirement to keep the SSLM module redirection so will not be able to achieve the encryption for the outbound connection by using the ACE.
I have a conflict when trying to implement as the real destination VIP (10.11.12.158 443) is being matched on two âmatch-anyâ class-maps. One is needed to direct traffic to the destination VIP via the SSLMs, and the other class-map is required to âstatic natâ the destination address when the flow leaves the ACE.
Any suggestion how to achieve the destination natting in this case?
This document covers the important troubleshooting data to be collected and data collection procedures when you experience an issue with ACI fabric. The collection of the relevant troubleshooting data is very critical to root cause the issue and...
There are certain situations in where an On-Demand Techsupport is not able to be performed. In such cases, a local techsupport can be collected instead for either the APIC or an ACI switch. This document outlines this...
Webcast: Evolution of Data Center: From Classic Ethernet to VXLAN
(Live Webcast Tuesday May 15, 2018 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris)
Register today for this live Cisco Support Community webcast.