our CSS is load-balancing LDAP servers. The LDAP request come from a system protected by a firewall. Unfortunately, the system doing the request opens a connections and keeps it permanently open. The firewall disconnects the client system after a timeout period. The client realizes the disconnection, but the CSS is still listening for LDAP requests from that client. I know i can set the flow-timeout multiplier but I'm not sure, if this is enough. The global flow-state table command, where I can set the specific TCP port (LDAP) is not available for the CSS 11501, at least my CSS does not know the command.
My question: Is it enough to apply the flow-timeout multiplier command to the corresponding content rule or do I have to set the tcp port as well? If so, where and how? A sho flow-timeout configured returns:
User Configured Values for Content Rule Flow Timeout
This document will provide screenshots to outline the steps to setup
TACACS+ configuration to ACI and also the configuration required on
Cisco ACS server. Please find the official Cisco guide for configuring
TACACS+ Authentication to ACI:
Is it supported or NOT supported? It's a frequently asked question.
Before APIC, release 2.3(1f), transit routing was not supported within a
single L3Out profile. In APIC, release 2.3(1f) and later, you can
configure transit routing with a single L3Out pr...
Cisco Documents are usually accurate, but when it came to the document
on Cisco APIC Signature-Based Transactions it was slightly off the mark.
This document is for those novices to API like me who cant seem to
figure out how to go about performing signat...