Fady NETDecorators
Fady NETDecorators
  • 14
  • 533 450
Cisco Meraki Cross Domains SD-WAN Design
In this video, you will find a detailed guide on integrating two Meraki SDWAN domains - one located in mainland China and the other global. The integration process involves leveraging the Alibaba Cloud service to bridge communication across their core.
Here is the breakdown of the video:
00:00 - Introduction
01:38 - Creating vMX in Alibaba Cloud
08:14 - Establish Site-to-Site VPN across the domains
11:55 - Building Alibaba Cloud Enterprise Network (CEN)
15:31 - Control the Routing
22:18 - Summary
Feel free to check my blog post about the same design:
netdecorators.com/Meraki-China-and-Global.html
My virtual training can be found here:
training.netdecorators.com
Credits to Freepik:
www.freepik.com/free-video/a-screen-display-of-streaming-binary-numbers-loop_179154
www.freepik.com/free-vector/gradient-highlighted-china-country-map-infographic_10980274.htm
Переглядів: 726

Відео

Meraki Single Sign On with Microsoft AD
Переглядів 15 тис.3 роки тому
This video covers the integration part between Meraki Dashboard and Active Directory for enabling Single Sign-On across the two platforms. Here is the official Meraki document: documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_SSO_with_ADFS My virtual training: training.netdecorators.com
Meraki External Captive Portal (Github deployment)
Переглядів 3,8 тис.3 роки тому
This video is a walkthrough of how to deploy an external Captive Portal with Cisco Meraki. The captive portal will verify the users against MySQL database and assign a group policy based on their saved membership in MySQL database. Lastly, a log message will be sent to a Syslog server. I hope you wouldn't mind the music in the background as it helped me while I was coding the project. so, credi...
Meraki to Microsoft Azure - Full Tunnel
Переглядів 17 тис.4 роки тому
In this video, you will learn how to build virtual MX in Microsoft Azure environment. Then, create a gateway to the internet in Azure by building virtual Cisco router. Lastly, getting all the branches to tunnel the traffic to Azure and exit to the internet. Here is the breakdown of the video: 00:00 - Introduction of the setup 01:02 - Building vMX environment 04:45 - Enable Site-to-Site VPN 05:5...
Meraki Client VPN with DUO MFA
Переглядів 19 тис.4 роки тому
This short demo covers how to use Meraki MX for Client VPN (Remote Access) and secure the authentication by using Cisco DUO for 2FA. My virtual training can be found here: training.netdecorators.com
Meraki Captive Portal API
Переглядів 9 тис.6 років тому
This video is a walk through to build a simple Captive Portal to capture user details (name and e-mail) and save it locally on a web-server then integrate it with Meraki Access Points. In this tutorial we used PHP and HTML. My virtual training: training.netdecorators.com
Meraki AP and Authentication
Переглядів 23 тис.6 років тому
Integrate Meraki to an external RADIUS server and utilize multiple options for user verification. The authentication methods covered in the video: - Mac-based authentication - Traditional Dot1X authentication with username/password - Third-party authentication. My virtual training: training.netdecorators.com
Meraki MX Technical Deep Dive (Module 6) - Popular and New
Переглядів 30 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com Wireless Concentrator MX in High Availability Virtual MX (AWS) My virtual training: netdecorators.com
Meraki MX Technical Deep Dive (Module 5) - Dynamic Routing & SD-WAN
Переглядів 42 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com MX as VPN Concentrator MX and OSPF SD-WAN My blog: blog.netdecorators.com
Meraki MX Technical Deep Dive (Module 4) - Gateway
Переглядів 34 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com MX Routing Decisions Site-to-Site VPN MPLS to LAN vs WAN Hybrid Networks Best Practice MX QoS and Traffic Shaping My virtual training: netdecorators.com
Meraki MX Technical Deep Dive (Module 3) - UTM
Переглядів 47 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com Firewalling Rules Content Filtering & IPS/IDS Port Forwarding and Traffic NATting Client VPN Group Policies My virtual training: netdecorators.com
Meraki MX Technical Deep Dive (Module 2) - MX Quick Start
Переглядів 144 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com Getting MX online MX LAN & DHCP MX NAT vs Pass-Through My virtual training: netdecorators.com
Meraki MX Technical Deep Dive (Module 1) - Introduction
Переглядів 59 тис.7 років тому
If you want to access this training via class-like experience, click below. training.netdecorators.com Introduction to Meraki Gateway Landscape Introduction to Meraki Cloud Managed Security Solution My virtual training: netdecorators.com
Meraki AP and RADIUS integration
Переглядів 89 тис.7 років тому
This video covers how to integrate the Meraki platform to a Windows-based RADIUS server and then assign users to different VLANs based on their AD groups. My virtual training: training.netdecorators.com

КОМЕНТАРІ

  • @rabirini
    @rabirini День тому

    Hi @Fady Can I set up this lab in packet tracer or any other posibilites to get trail license

  • @DennisVillarreal
    @DennisVillarreal Місяць тому

    I noticed something, you used public ip addresses when you created your VLANs, my question is this one, In a real scenario you can't use public ip ranges as your vlans, is that correct?

    • @FadyNETDecorators
      @FadyNETDecorators 20 днів тому

      You are right, in real life scenario, you would use private IP range for your LAN, however, you can configure any range for your LAN as long as the subnet won’t be routed to the internet.

  • @KowoyoNetworks
    @KowoyoNetworks 2 місяці тому

    At 12:15, you say that you "need to add a default route from my LAN pointing to the LAN side of that router", any chance you can explain, I'm a bit lost as to which part of the diagram are you referring to as your LAN?

    • @FadyNETDecorators
      @FadyNETDecorators 2 місяці тому

      Valid point. Logic diagram for the traffic from the spoke to the internet via Azure : Spoke --> vMX in Azure --> vMX Azure Route Table --> vRouter Azure LAN route table --> vRouter (NAT) --> vRouter Azure WAN route table --> Azure internet Gateway. So the traffic from the vMX will hit Azure Route Table. I needed the traffic from the vMX to hit the LAN side of my virtual router. so in order for the traffic to flow from the vMX to the router we need the Azure route table to direct the traffic towards the IP of the router. At 12:15 I was configuring the Azure route table of the vMX to point all the traffic to the LAN IP address of the virtual router. Please let me know if its not clear and I will be happy to have 1:1 and explain it more.

  • @arsalanjineji17
    @arsalanjineji17 2 місяці тому

    Thanks fady for sharing the amazing videos, the way you explained its great. I am waiting for your MS and MR videos.😊

    • @FadyNETDecorators
      @FadyNETDecorators 2 місяці тому

      Thanks mate, any specific topic you interested in?

  • @RezaAPS
    @RezaAPS 5 місяців тому

    Does the password need to be the same as the MAC address when we create the user? Our company password policy requires more complex passwords.

    • @FadyNETDecorators
      @FadyNETDecorators 5 місяців тому

      Hi Reza, that is only if you want to do MAC based authentication without user credentials. This option might be a good for non-dot1x capable devices. Check my other video that might help to solve your problem Meraki AP and RADIUS integration

  • @DeepaNaik-g3g
    @DeepaNaik-g3g 7 місяців тому

    Nice

  • @AzureMB
    @AzureMB 8 місяців тому

    If your meraki managed application gets deleted in Azure do you have remove the appliance from meraki and then start the process over again?

    • @FadyNETDecorators
      @FadyNETDecorators 8 місяців тому

      No, you just need the token either the old one or generate a new one from the Meraki dashboard -vMX and attach it to the new application in Azure.

  • @AA-oo4gy
    @AA-oo4gy 8 місяців тому

    What about if you have 50 access points? Do you need to add each one of them as a Radius client?

    • @FadyNETDecorators
      @FadyNETDecorators 8 місяців тому

      Yes but you can also do range as client if those AP IPs can be summarized.

  • @onyemaedeh4660
    @onyemaedeh4660 9 місяців тому

    This video was 7 years ago but solved my problem today. Thank you

  • @faheemkoyatty1
    @faheemkoyatty1 9 місяців тому

    Great Videos..Thanks Fady

  • @STANLEY02
    @STANLEY02 10 місяців тому

    Hello, I have followed your video to setup the clients in NPS and the radius server settings in the Meraki dashboard, but when I test all the access points fail. I can ping the NPS server from the AP and we previously had setup a radius server for our VPN authentication and that works. Any thoughts why the APs are failing?

    • @FadyNETDecorators
      @FadyNETDecorators 10 місяців тому

      Just wondering if you added the APs subnet/IPs as clients to your NPS server?

  • @ctrip75
    @ctrip75 11 місяців тому

    Curious what you are using for the diagram. Seems easier to use than Visio.

  • @DmitryIvakin
    @DmitryIvakin Рік тому

    Hello! Thanks for great video! I have very similar design, but unfortunately Meraki Global can't see Meraki vMX on Alibaba. We have Meraki vMX on Alibaba in CN and Meraki vMX in EU. Between them, we have a channel established by China Telecom with BGP routing inside. I've set up a test VM in EU vMX subnet (I did the same for Alibaba). I can ping CN vMX from the test server in EU and vice-versa. I've configured non-Meraki peers on CN and EU hubs, but they are showing the red status. I'm not sure what IPSEC policy I have to use for CN, but Meraki support didn't mention any specific, only said they are must equal on both sides. I'm stuck in this task, some topics on reddit say AutoVPN is ok to use in CN, some say no, only non-Meraki peer. Any idea what will be the right scenario?

    • @DmitryIvakin
      @DmitryIvakin Рік тому

      forgot to mention - all resources in EU are built on Azure, and we are using ExpressRoute to connect China Telecom.

    • @FadyNETDecorators
      @FadyNETDecorators Рік тому

      Hey, so to build a tunnel from outside mainland China to inside is a challenge due to the Chinese firewall, hence i suggested in this video to use alibaba core to route the traffic from China to outside. Can I ask, why you want to build non Meraki VPN?

    • @DmitryIvakin
      @DmitryIvakin Рік тому

      @@FadyNETDecoratorsHi, thanks for reply! Basically we have a channel from China Telecom (MPLS?) which helps us to bypass Great Firewall. I can ping vmx in China and EU. I suppose we have two different org (China and Global meraki), this is the reason why non-meraki peering is only the option. Or I'm wrong here? I simply see no options for AutoVPN on Meraki dashboard.

    • @FadyNETDecorators
      @FadyNETDecorators Рік тому

      If you have a private connection between China and global, then you can use routing to advertise your global subnets to China and vice versa. Here is what I mean: - China MX connects to your MPLS and configure the local subnets (with all your global IPs) so your Chinese network can route the traffic to and of course make sure the return traffic is configured - Global MX also need to be connected to MPLS and configure the local subnets with all your Chinese routes. We won't use any tunnels to connect both orgs, we will just use routing. You can configure BGP with the MXs in China & global and your MPLS, you just need to make sure that those MXs are in concentrator mode.

  • @EdgarEstrada-vh5hz
    @EdgarEstrada-vh5hz Рік тому

    Excellent Video!! Quick question, though: If my RADIUS is bahind my meraki, and not on the WAN.... how can I connect to the Radius? It's not working ... :(

  • @h.s.k.007
    @h.s.k.007 Рік тому

    Is there an option to route the traffic towards internet directly from the VMX ? from the remote MX over full tunnel ? if this is not achievable, please help with explaining why not ?

    • @FadyNETDecorators
      @FadyNETDecorators 10 місяців тому

      It can be achieved now by using NAT feature on the vMX so remote subnets of your MXs can be NAT-ted with vMX IP which is known within your Azure environment.

  • @chrisgreen5101
    @chrisgreen5101 Рік тому

    Worth mentioning the token lasts 1hr once generated so if you have a 2 party config and a delay happens using the token it will expire.

  • @bootcd
    @bootcd Рік тому

    Hello, can meraki 8021.x with wildcard certificate be integrated without CA?

  • @aliaschowify
    @aliaschowify Рік тому

    Best video.

  • @munindernagar3105
    @munindernagar3105 Рік тому

    Hi.. i know about max MAC support by this. can we add more then 1000 mac? Thanks in advance.

  • @zerginho5
    @zerginho5 2 роки тому

    Hi, how did you create the wifi to which the iphone connects?

  • @graciesager
    @graciesager 2 роки тому

    Hello. Nice write up. Question, where did you get your MX's IP address? Is it the WAN IP? Thanks

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Thanks, If you are talking about the DUO cfg file, the IP there is the RADIUS server IP not the MX. if you want to add the MX as a client to your RADIUS server then the answer is yes, the IP is the WAN IP of the MX.

    • @graciesager
      @graciesager 2 роки тому

      @@FadyNETDecorators Thanks for responding Fady. In the AuthProxy.cfg file, the ad_client host is the radius IP. What about for the radius_IP_1= what should I put?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      @@graciesager Thanks Gracie, radius_IP_1 would be the MX WAN ip address, sorry I missed that part

    • @graciesager
      @graciesager 2 роки тому

      @@FadyNETDecorators That's what I've been using all along Fady but keeps timing out. Seems not hitting AD at all. Validation is good though. Any ideas? Thanks

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      @@graciesager That is interesting, is it possible to check the routing at least to confirm the traffic is hitting the AD?

  • @bootcd
    @bootcd 2 роки тому

    Hi it is mandatory for this configuration create a Server CA ? I think when you set up 8021x in Meraki is mandatary to have a CA server

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hey Bmuvi, Dot1x needs certificate to encrypt the traffic and you should manage CA to issue and control those certificates but that has nothing to do with Meraki, its more of the way Dot1x works.

  • @Velicheti
    @Velicheti 2 роки тому

    Hi Fady, just seen the video and its great. After seeing this i was curious to know, if similar scenario works to authenticate Meraki wireless users using Azure AD through VPN tunnel. Can we achieve this?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hi Ravi, My colleague Yuji has written really fantastic blog about the use case of using LDAP directly with AP using the local Auth feature, please check the blog post here. apicli.com/2021/12/13/meraki-mr-802-1x-with-azure-active-directory/

    • @Velicheti
      @Velicheti 2 роки тому

      @@FadyNETDecorators i will go through. Thanks for quick response.

  • @shspu
    @shspu 2 роки тому

    Gitex2022 Dubai ua-cam.com/video/AdMoXed3DQw/v-deo.html

  • @tariqmahmood5859
    @tariqmahmood5859 2 роки тому

    I am implementing v-MX behind FW. question is i have DNAT option, so if i take your scenario with azure fW, it means ip address of vMX and destination will be branch office public IP address? i get only DNAT option in firewall.

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hi Tariq, one thing to note, Azure might not allow you to DNAT the remote subnets from the branches as they are not defined as Azure VNET, hence I am having this Cisco virtual router to NAT the branch subnets.

  • @erickco01
    @erickco01 2 роки тому

    Hello, What about to do not having a user database, and we just want to have a guest data portal to cath information for Wifi free ?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hi Erick, Please check this video that I created sometime back for that use case ua-cam.com/video/LzsNZW-NpP4/v-deo.html

  • @movingpictures2378
    @movingpictures2378 2 роки тому

    Volume is terrible

  • @eddieedwards9669
    @eddieedwards9669 2 роки тому

    Hi Fady. I have a simple question regarding route leakage and the LAN connection to MPLS. If you are already connecting MPLS to your WAN interface, how can you have a second connection to one of your LAN interfaces? My providers hand off with a single port. I may be totally overlooking something obvious to others... Thanks for the great videos!

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hi Eddie, I wouldn't recommend connecting the MPLS to both the LAN and the WAN of the same MX, but if you want to split your MPLS link into 2, you can use a switch and ask your MPLS provider to at least give you /29. Normally ISP will provide you /30 with a single interface.

  • @aungkyawwinn527
    @aungkyawwinn527 2 роки тому

    love your explanation.

  • @talbs13
    @talbs13 2 роки тому

    This is great. I have an issue where both MX's are showing as Master? How do i fix that? Thanks

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      That will happen if the MXs loose the heartbeat from the LAN side. If you run packet capture on the LAN and check if the heartbeat messages are received, if so I would recommend to open case with Meraki support as you might have faulty hardware.

    • @talbs13
      @talbs13 2 роки тому

      @@FadyNETDecorators Thanks for quick reply. Is a cable to each MX250 the recommended configuration for heartbeat?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      No direct cable is required. You just need the two MXs to share the same LAN, the heartbeat is happening over multicast address

  • @alisanchez3291
    @alisanchez3291 2 роки тому

    How can i do with azure add?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hey Ali, currently, there is no native integration between Meraki wireless and Azure AAD. You will still need a RADIUS server to be the man-in-the-middle, something like Cisco ISE or Windows NPS would work.

    • @alisanchez3291
      @alisanchez3291 2 роки тому

      @@FadyNETDecorators can i do this with a windows server between azure add and meraki?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      @@alisanchez3291 You should be able to use Windows NPS as a RADIUS server and connect it to your Azure AD

  • @rahulpatil-dg2lf
    @rahulpatil-dg2lf 2 роки тому

    please have some detailed explanation for MS and MR as well. Thanks

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Will do my best, anything specific you feel will be good to address on MS and MR?

  • @windogwow
    @windogwow 2 роки тому

    This is the best step by step Meraki video I have ever found online. Great job! Just wondering if you have figured out a way to do a captive portal while keep the RADIUS private - away from public Internet?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Thanks, I have built a splash page with validating the credentials on local database. Its not dot1x but if you can build the logic, it will work without the need to go to have the DB public ua-cam.com/video/LtmaSYwjaP4/v-deo.html

  • @Indu_Bhushan_official
    @Indu_Bhushan_official 2 роки тому

    Thanks for make me MX engineer

  • @yuanjie1802
    @yuanjie1802 2 роки тому

    Hi, in your video, Could you explain what's the API key, how can I get it?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Yuan, API is an admin key you can generate in your dashboard. Here is the steps for you to enable it documentation.meraki.com/General_Administration/Other_Topics/Cisco_Meraki_Dashboard_API#:~:text=test%20API%20calls.%C2%A0-,Enable%C2%A0API%20Access,-For%20access%20to

  • @migy220
    @migy220 2 роки тому

    hello, i would like to know what meraki router model you are using

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      In this video, the MX is MX250

    • @migy220
      @migy220 2 роки тому

      @@FadyNETDecorators will any meraki router model able to implement this? or you need MX router series?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      @@migy220 You actually don't need Meraki MX or router for this implementation.

  • @iansalgado8710
    @iansalgado8710 2 роки тому

    Great video series !! cheers..... do you have one that covers Meraki MS Switches & how the MX & MS devices are manage from a single platform ?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Thanks Ian. I did another training (not as detailed) but it covers MX and MS and you can access it here netdecorators.thinkific.com/courses/meraki-the-platform-of-the-future

  • @rockinron5113
    @rockinron5113 2 роки тому

    Great tutorial. Thanks.

  • @MrLopaka99
    @MrLopaka99 2 роки тому

    Great presentation. Used to working on physical devices. I see the power of Virtual Networking definitely the future.

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Thanks Robert, I am also coming from the same background. I feel the right balance between Physical and virtual appliances is the winner.

  • @glennroncal285
    @glennroncal285 2 роки тому

    Fady, nice video, question how is licensing handled in a vMX?

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Hi Glenn, thanks for your kindness. Meraki has different license tiers for vMX (Depends on the size of the deployment). vMX-S / vMX-M / vMX-L (Currently not available in Azure). Below link has the specs to choose which license is suitable for your project. meraki.cisco.com/product-collateral/mx-family-datasheet/?file

  • @roseria9606
    @roseria9606 2 роки тому

    I love how you explain the procedures! It was so easy to understand! Although I was hoping if you could do a tutorial on how to use ad accounts as an authentication method for signing in to Meraki APs. By the way please let me subscribe to your channel!😊

    • @FadyNETDecorators
      @FadyNETDecorators 2 роки тому

      Thanks Roseria for your feedback. I will make video for direct LDAP with the AP. Stay tuned :D

  • @sharaqafzaal1546
    @sharaqafzaal1546 2 роки тому

    Awesome

  • @shehryarsarwar3109
    @shehryarsarwar3109 3 роки тому

    Hello Fady, Iam using 4G modem directly connected to my MX. Can i still make client VPN or i need a static public IP to establish it?

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      Hey, yes, you can do client vpn over 4g, make sure if there is no public ip on the mx to do port forwarding on the 4g modem. Also you can use the dns of the MX to make it easy when the public ip changes

    • @shehryarsarwar3109
      @shehryarsarwar3109 3 роки тому

      @@FadyNETDecorators I am already getting General public IP from 4G modem. Can i make client VPN with that public IP?

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      @@shehryarsarwar3109 yes, you should be able to use that public IP. Check the IP on the MX, if its private IP then you will need to perform port forwarding on that modem, otherwise, it should just work.

  • @robygpanjaitan9975
    @robygpanjaitan9975 3 роки тому

    How to connect authentication with LDAP? Auch as Open LDAP i mean

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      Hey Roby, you might need to follow this link documentation.meraki.com/MR/MR_Splash_Page/Configuring_Splash_Page_Authentication_with_an_LDAP_Server

  • @kewlheadkewlhead4038
    @kewlheadkewlhead4038 3 роки тому

    I have this setup with mx84 as dhcp server, nps on win2k19 eval , my nps granted access but not IP from dhcp server, did i miss anything? :(

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      you might need to check the VLANs between the AP and the MX. If you have switch in between, you might need to check the native VLANs as well.

    • @kewlheadkewlhead4038
      @kewlheadkewlhead4038 3 роки тому

      @@FadyNETDecorators kewl! thanks for the reply, my VLAN is just the default VLAN 1, tried moving the AP (MR76) to a trunk port but still not getting an IP, my switch by the way is Cisco C1000 in between my AP and the MX.

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      @@kewlheadkewlhead4038 Try to have the MX trunk port facing the switch with native VLAN 1. Hope that would work.

    • @kewlheadkewlhead4038
      @kewlheadkewlhead4038 3 роки тому

      @@FadyNETDecorators Oppss! my switch (C1000) port connected to my MX is on dynamic (desirable/auto), if i change it to trunk (vlan 1/native) whole network goes down, port turns BLK status

  • @rahulpatil-dg2lf
    @rahulpatil-dg2lf 3 роки тому

    Hi Sir Really how well you explained, appreciate for such nice explanation .

  • @basetau3200
    @basetau3200 3 роки тому

    5 Starts

  • @eriemiller1448
    @eriemiller1448 3 роки тому

    Hi Fady your recommendation is to use a vASA and not a router for NAT and routing. I assume the same static routes and peering between the vNets applies in this scenario to force ALL traffic to egress from the vMX_RG to the "ASA__RG" via the vASA outside interface? Are there any other caveats to consider when using the vASA instead of the CSR 1000V? Specifically, should I place my vm's in the vMX_RG or in the ASA_RG?

    • @FadyNETDecorators
      @FadyNETDecorators 3 роки тому

      Hi Erie, your assumption is right and the vASA will do the exact same function as the CSR1000V. No caveats out there.. You can use vMX_RG is just a name so you can use it or change it to ASA_RG.