I have a few questions about the SCA and how it works in a redundant mode.
1. It has a DB-9 connector for failover, I guess this means that it supports redundancy like the PIX active:pasive. Is this correct? Theres is no example of this in the documentation for it (or at least I haven't found it).
2. It seems that it only needs 1 IP address, where do I configure it? On the outside or the inside interface?
3. An extention to the above question. The setup that I have is 2 redundant FWs connected to the internet and to the SCAs (2) which are connected to the servers (2). Do I configure NAT in the FWs? Or do I leave it as it is, right now I don't use NAT, as its not necesary.
If using one-port mode you need to use a specific interface and configure the ip address on this interface.
3/ If you have 2 SCA and 2 servers, you should use the SCA in inline mode. Use it in transparent mode, so you don't need to change anything to your current topology. Just insert the SCA in front of the server [plug the server in the server interface, and plug the connection to the network in the network interface]
Then use the GUI to configure the SSL services.
This is basically the same as a transparent config with a CSS but slightly different.
Unfortunately this is not documented because 99.9% of the time the SCA is used a loadbalancer.
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...