Hi, we thought to migrate our Fortigate vDOMs customer into NSX T Edge .
Following pre- requesting been verified
Internet - completed
Routed Network - Completed
Ipsec - Completed
SSL - using open vpn with org vdc been completed
MPLS - Current VDOM has /30 ips with MPLS to use the policy in physical firewall. But how to replicate same format in NSX-T 3.1.3.5 setup
Can any one help out this scenario.!
I believe you are using VCD with NSX-T? When you say migrating VDOM to Edge, I believe you are referring to the gateway movement of workloads from VDOM to T1 Gateway? If that is the case, you can certainly achieve it by creating respective T1 for tenants as per the design and integrating with VRF/TO with multiple uplinks ( MPLS,ISP ), and routing the workloads towards VDOM.
Hi Sreec, thanks for your revert.,
As you said is correct, we are migrating VDOMs to Edges by using VCD. this MPLS Scenario, we have L3 interface in VDOM using one IP and second IP will may apply on MPLS router which full of /30. So this this scenario how we can achieve by NSX T,
>VIP Configuration not possible with Active-Active Cluster
>VRRP not compatible with NSX.
The Idea to be we thinking below,
However, T0 interface creation to mapping with external uplink, - having this Idea, we need to put some extra IPs to configure the IBGP and EBGP to achieve the MPLS with NSX T HA ensure.
Check the attached ref image,
Connectivity is fine, I see you have shared TO and MPLS T0 which will steer the traffic towards different VDOM. Kindly note that using IBGP upstream will not support Inter SR iBGP configuration on PE T0, Also below are the key points not supported on PE Router