We did come up with a workaround using the 'redirect' command in the main http Contnet Rules. This 'redirected' user traffic to a different url which in turn pointed at a Contnet Rule / VIP configured for SSL. This means users only ever had to remember specific business http url's
An extract from our test config is shown below. It seems to work ok. Do you see this as a valid configuration.?
That config is valid. You just need to make sure all the SSL (HTTPS) links have the proper host name that resolves to the .101 address. Also, make sure the SSL cert has a "cn" field with the proper domain name. If it does not match, then the user will get a warning message on the browser stating the domain names don't match.
VMware Trunk Port Group is supported from ACI version 2.1
VMM integration must be configured properly
ASA device package must be uploaded to APIC
ASAv version must be compatible with ACI and device package version
In the Previous articles of ACI Automation, we are using Postman/Newman as the Rest API tool to automate the ACI Configuration.
In this article I’m going to discuss on usin...
One of the first steps in building your ACI Fabric is to go through Fabric Discovery. While Fabric Discovery is usually a straightforward process, there are various issues that may prevent you from discovering an ACI switch. This article wil...