I configured a HTTPS-HEAD Keepalive in a GSS that fails even if the server responds correctly. The problem could be that the server responds with a not trusted certificate. Does anyone know what the GSS's behaviour is in this particulal case?
That is an interesting question. The GSS does not check the certificate chain or domain, thus, to directly answer your question, no, it doesn't care about trust. I have never tested if the clock is checked against the date range on the certificate, but I would imagine it doesn't check that either.
At this point, if you had a linux box, issue a wget or curl request against the server and see what it sends back for the the page your GSS is probing (GSS only accepts a 200ok.)
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...