Cisco Nexus 9000 Series Configuration Manual page 72
Nx-os intelligent traffic director configuration guide, release 9.x
Hide thumbs
Also See for Nexus 9000 Series:
- Configuration manual (562 pages) ,
- Troubleshooting manual (126 pages) ,
- Quick start configuration manual (6 pages)
Table of Contents
Advertisement
Configuration Example: Firewall in Layer 3 Clustering
switchport access vlan 100
channel-group 11 mode active
switch #2:
interface vlan 20
description OUTSIDE_VLAN
ip address 192.168.20.10/24
interface vlan 200
description FW_OUTSIDE_VLAN
ip address 192.168.200.10/24
interface port-channel 21
description To_ASA-1_OUTSIDE
switchport mode access
switchport access vlan 200
vpc 11
interface ethernet 4/25
description To_ASA-1_OUTSIDE
switchport mode access
switchport access vlan 200
channel-group 21 mode active
Step 2: Configure ASA.
cluster group ASA-CLUSTER-L3
local-unit ASA1
cluster-interface port-channel 31
ip address 192.168.250.100 255.255.255.0
piority 1
health-check holdtime 1.5
clacp system-mac auto system-priority 1
enable
mac-address pool MAC-INSIDE aaaa.0101.0001 - aaaa.0101.0008
mac-address pool MAC-OUTSIDE aaaa.0100.0001 - aaaa.0100.0008
ip local pool IP-OUTSIDE 192.168.200.111-192.168.200.114
ip local pool IP-INSIDE 192.168.100.111-192.168.100.114
interface port-channel 11
description INSIDE
lacp max-bundle 8
mac-address cluster-pool MAC-INSIDE
nameif inside
security-level 100
ip address 192.168.100.11 255.255.255.0 cluster-pool IP-INSIDE
interface port-channel 21
description OUTSIDE
lacp max-bundle 8
mac-address cluster-pool MAC-OUTSIDE
nameif outside
security-level 100
ip address 192.168.200.11 255.255.255.0 cluster-pool IP-OUTSIDE
interface port-channel 31
description Clustering Interface
lacp max-bundle 8
interface TenGigabitEthernet 0/6
channel-group 11 mode active
no nameif
Cisco Nexus 9000 Series NX-OS Intelligent Traffic Director Configuration Guide, Release 9.x
64
Configuring ITD
Hide quick links:
Advertisement
Table of Contents
