EMAIL SUPPORT
dclessons@dclessons.comLOCATION
USService Insertion FW traffic flow
Service Insertion FW traffic flow
Task: Configure Service Insertion FW in such a way that traffic from Branch1 to Branch 2 traverse through FW at DC1 or DC2.
Configure the Following to achieve this task:
Topology:
Solution:
Go to Configuration | Policy | Centralized Policy | Add Policy | Create Groups of Interest | Next to move to Configure Topology & VPN Membership
Click Add Topology | Custom Control Topology | Name Multi-Topology-FW | Sequence Type Route: Name: VPN20toDC | Match Site Id All-Branches, VPN-id Secpci-VPN | Action Accept, Set TLOC: DC-TLOCs
Click Sequence Type: Route | Name FW-Service-Insertion | Match VPN ID: Corp-VPN, Site ID: All-Branches | Match Accept | Service FW VPN 10 |
Default Action | Accept
Click on VPN Membership | Add VPN Membership Policy | Name Drop-GuestWifi-VPN40 | Site List: All-Branches, VPN-List Corp-VPN, SecPci-VPN | Save
Click Next to Move Traffic Data Rules | Traffic Data | Add Policy | Create New | Name Application Firewall Drop
Comment
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Configure vManage & Generate Certificate
- Configure vBond & Generate Certificate
- Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- Secure DataPlane Bringup
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Application – Aware Routing Overview
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configuring Application Aware Routing
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
RECENT POSTS
- What is Docker and Why is It Important?
- Learn Python 3.0 Programming for Network Automation
- Cisco ACI Data Centre: A Comprehensive Overview
- How to Prepare for the Microsoft Azure AZ-305 Exam
- AWS Training Certification Course for Solutions Architect
- Cisco SASE Architecture
- SASE vs SD-WAN
- What is SASE
- Accessing Amazon S3 using AWS private Link in Secure hybrid method.
- Cisco Smart Licensing Policy
LEAVE A COMMENT
Please login here to comment.