EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USService Insertion FW traffic flow
Task: Configure Service Insertion FW in such a way that traffic from Branch1 to Branch 2 traverse through FW at DC1 or DC2.
Configure the Following to achieve this task:
Topology:
Solution:
Go to Configuration | Policy | Centralized Policy | Add Policy | Create Groups of Interest | Next to move to Configure Topology & VPN Membership
Click Add Topology | Custom Control Topology | Name Multi-Topology-FW | Sequence Type Route: Name: VPN20toDC | Match Site Id All-Branches, VPN-id Secpci-VPN | Action Accept, Set TLOC: DC-TLOCs
Click Sequence Type: Route | Name FW-Service-Insertion | Match VPN ID: Corp-VPN, Site ID: All-Branches | Match Accept | Service FW VPN 10 |
Default Action | Accept
Click on VPN Membership | Add VPN Membership Policy | Name Drop-GuestWifi-VPN40 | Site List: All-Branches, VPN-List Corp-VPN, SecPci-VPN | Save
Click Next to Move Traffic Data Rules | Traffic Data | Add Policy | Create New | Name Application Firewall Drop
Comment
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Deploy & Configure vManage & Generate Certificate
- Deploy & Configure vBond & Generate Certificate
- Deploy & Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- SDWAN & NAT
- Secure DataPlane Bringup
- Enterprise CA for SDWAN Instances
- ZTP Process & PnP Overview
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
- Control Policy Example 1: Hierarchical Topology
- Multi-Region Fabric
- Control Policy Example 2: Implementing Traffic Engineering
- Control Policy Example 2: Dynamic On-Demand Tunnels
- Deploy Cisco SD-WAN Edge Routers
- Deploy SDWAN Controllers
- LAB Deploy Cisco SD-WAN Devices Using Configuration Group
- Implement Service-Side Routing Protocols
- Implement TLOC Extensions
- Implement Control Policies
- Implement Data Policies
- Implement Application-Aware Routing
- Implement Branch and Regional Internet Breakouts
- Migrate Branch Sites
RECENT POSTS
- Understanding the ENSDWI Course: Advanced Cisco SD-WAN (Viptela) Concepts
- A Complete Guide to the DCACI-A Course: Mastering Advanced Cisco ACI Concepts
- How Our Online Python Certification Will Prepare You for a Career in Network Automation
- What You'll Learn in Juniper Mist Labs: A Deep Dive into AI-Driven Wireless Networking
- 10 Benefits of Studying Cisco ISE for Network and Security Folks
- Which AWS Advanced Networking Labs Course Includes # Real World Traffic Flows and Examines Objectives?
- How Do You Practice Cisco Nexus Configuration with Online Labs, No Physical Equipment?
- Why Cisco SD-WAN Viptela Training is Necessary in the Current Cloud-First Networking Age
- 5 Best Reasons to Learn Cisco SD-Access: From Networking Issues to Automation Solutions
- What is Cisco SD-LAN? A Beginner’s Guide to Software-Defined Access
LEAVE A COMMENT
Please login here to comment.