I have a situation where we need a destination nat to happen on ACE for an outbound flow that is redirected into SSLM modules, then coming back to the ACE and forwarded outward. There is a requirement to keep the SSLM module redirection so will not be able to achieve the encryption for the outbound connection by using the ACE.
I have a conflict when trying to implement as the real destination VIP (10.11.12.158 443) is being matched on two âmatch-anyâ class-maps. One is needed to direct traffic to the destination VIP via the SSLMs, and the other class-map is required to âstatic natâ the destination address when the flow leaves the ACE.
Any suggestion how to achieve the destination natting in this case?
Webcast: Evolution of Data Center: From Classic Ethernet to VXLAN
(Live Webcast Tuesday May 15, 2018 at 10 am Pacific/ 1 pm Eastern / 7 pm Paris)
Register today for this live Cisco Support Community webcast.
Moquery is the command line cousin of Vizore, it's very helpful and efficient sometimes during the troubleshooting. This article aims to provide moquery cheat sheet to the users for some most common seen scenarios.
Here is the troubleshooting checklist which should be ready before customers/partners contact Cisco TAC:
Firmware Version of APIC and Switch
Download Switch and APIC techsupport logs
Problem description (Symptoms with details)