I found an interesting vPath behavior in VSG with ASA 1000v deployement on ESXi cluster.
ASA 1000v have 2 interfaces only for data (Inside and Outside).
When you want to enable the vPath for the ASA, you should apply vservice node type asa on the port-profile of your virtual machines, when you do this step, you lose the VSG policy for those virtual machines.
I decided to create 3 port-profiles, 2 for virtual machines (to send some to VSG and some for ASA 1000v), and 1 port-profile for ASA inside interface, when I apply the vservice command under ASA inside port-profile, the ASA doesn't permit the traffic proprly with the defined policies (although the ASA is able to ping and receive icmp from the VMs).
I appreciate if someone can clarify this point or have some insight on this subject.
Mohammed Khair Khomakho
CCIE Routing and Switching #26682
Introduction This article will help you understand the steps on how to
download the UCS licenses from the Cisco Systems website and then
installing it on the UCS. The redacted (blue lines) just covers up
certain numbers for privacy please do not take them...
Introduction This article will help you understand and educate the
customer on how to clear their "expired licenses"
(license-graceperiod-expired) from their UCS-M. If a customer just
purchased a license and needs a step by step guide on how to download
==================== VIC FNIC driver does not support Virtual Volumes (
second level LUN ID ) An enhancement request has been created to track
this feature - CSCux64473 UPDATE - 12-14-2016 We made some traction on
the enhancement request - The Fix is in t...