There are three VLANs related to CSM in our environment with route mode for example vlan10,20 and 30. Vlan10 is client VLAN and 20,30 are serverVLAN. It is working fine now. Right now we would like to put server behind a new ASA for security reason. When the traffic go to VIP (vlan 10), and then go through ASA. Finally It will be load balanced to backend servers (Vlan 20 or 30). It looks like CSM and ASA will finish this job through routing part. I know it will be working fine if we put both VIP and backendservers behind firewall. But right now VIP and backendservers are seperated from ASA. Do you think this design is OK? Please advice.
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...