cancel
Showing results for 
Search instead for 
Did you mean: 

Cisco ACI Integration

Conversationalist

Cisco ACI Integration

We're in the midst of migrating from our traditional network to Cisco ACI. We have 2 MX250s configured as a warm-pair. Has anyone had experience connecting their Security Appliances into the Cisco ACI Fabric/Topology? Thank you. Don
5 REPLIES 5
Meraki Employee

Re: Cisco ACI Integration

Hi Don,

 

Any MX HA pair relies on the VRRP heartbeat for successful communication. This is regardless of other technologies in play in the deployment. As long as the MX can send and receive VRRP traffic form the peer it will operate as expected. 

If my post answered your question please click the Kudos button below. additionally,
please update this thread to solved so others can benefit from it
Building a reputation

Re: Cisco ACI Integration

APart from that: I have never heard of an ACI device package for Meraki MX. So I'd guess the answer is "no".

Conversationalist

Re: Cisco ACI Integration

That seems like a bit of a misstep by Cisco since they own both technologies. You'd think that they'd want to create an ACI Device Package for integrating their own L4-L7 Service Appliances.

New here

Re: Cisco ACI Integration

You don't need a device package and this should work fine...device package is certainly nice but can introduce some complexity as well depending on your use case.  If you are generally static without a ton of change (spinning workloads up and down etc.) then you can just use it as you would any other firewall and leverage policy in the ACI fabric to direct traffic to it.  Here's a good example of how:https://community.cisco.com/t5/data-center-documents/aci-unmanaged-mode-configuration-example-using-...

Highlighted
New here

Re: Cisco ACI Integration


@RedneckofTech wrote:

You don't need a device package and this should work fine...device package is certainly nice but can introduce some complexity as well depending on your use case.  If you are generally static without a ton of change (spinning workloads up and down etc.) then you can just use it as you would any other firewall and leverage policy in the ACI fabric to direct traffic to it.  Here's a good example of how:https://community.cisco.com/t5/soundcloud downloader data-center-documents/aci-unmanaged-mode-configuration-example-using-asav-in-routed/ta-p/3313318


Thanks for the thorough explanations, I appreciate it.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.