The cipher is negotiated in the SSL handshake between the client and server to determine the type and level of encryption you want to use for this connection. By default all of the ciphers that the ACE supports can be used. If you want to restrict this to a specific cipher you can create the parameter-map as Kanwal suggested in the earlier post. This gets applied under the ssl-proxy service used for the ssl termination.
The sample below is only related to the cipher for the vip and probe config. You can look over the link below on ssl termination to see how all of these pieces tie together in a full config.
Topology & Design:
Two ACI fabrics
Stretching VLANs using OTV
Both fabrics are advertising BD subnets into same routing domain
Some BDs(or say VLANs) are stretched, but some are not.
Endpoints can move betwee...
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
Topology &Design:Traffic flow within same fabric:Endpoint moves to Fabric-2Bounce Entry Times OutTraffic Black-holedSummarySolutionAppendix:
In the Previous articles of ACI Automation, we are using Postman/Newman a...