I have a test content switch CSS11503 with one leg on 10.152.21.0/24 and the other leg on 10.40.21.0/24. I have SSL services set up to hit 10.40.26.1 and 10.40.26.2. I have a content rule with 10.40.21.26 as the VIP which load balances to the aforementioned services. In order for traffic from other networks to hit the services I need to source NAT them to an address on the 10.40.21.0 subnet. Otherwise the traffic will hit 10.40.26.1 or 2 and will return via the default gateway of 10.40.26.250 (and will not return via the content switch) The business would now like if the NAT did not take place as they would like to be able to see the real addresses hitting the website. I have tried to remove the NAT and add in a route to a one of these other network on the 10.40.26.250 mls but this does not seem to work. Any ideas?
Why do you need native HA: The native HA feature allows two Cisco DCNM
appliances to run as active and standby applications, with their
embedded databases synchronized in real time. Therefore, when the active
DCNM is not functioning, the standby DCNM will...
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...