EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFSegmentation Configuration Example
Segmentation Configuration Example
Here are some configuration steps and examples which will help you to understand how to segment the network.
Create Basic VPNs
Configure basic VPNs required by Viptela devices consist of these steps:
On the vEdge router:
• Create a VPN 0 instance for the transport VPN.
• Create a VPN 512 instance for the management VPN.
• Create a VPN instance to use for routing.
On the vSmart controller:
• Create a VPN 0 instance for the transport VPN.
• Create a VPN 512 instance for the management VPN.
• Optionally, create policies to influence routing and access control within the VPN.
Full configuration example for vEdge:
system # Configure general system parameters
host-name vedge
system-ip 1.1.1.1
domain-id 1
site-id 100
vbond 10.10.10.10
!
vpn 0 # Create the tunnel interface and allow
interface ge 0/0 reachability to vSmart in transport VPN
ip address 10.10.10.11/24
tunnel-interface
color default
encapsulation ipsec
!
no shutdown
!
ip route 0.0.0.0/0 10.10.10.12
!
vpn 1 # Create new VPN, add interfaces and routing
interface ge 0/1
ip address 10.100.100.1/24
no shutdown
!
!
router
bgp 20
neighbor 10.100.100.2
no shutdown
remote-as 20
address-family ipv4_unicast
!
!
!
!
vpn 512
interface mgmt0
ip dhcp-client
no shutdown
!
Configuration on the vSmart Controller
Comment
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Configure vManage & Generate Certificate
- Configure vBond & Generate Certificate
- Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- Secure DataPlane Bringup
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Application – Aware Routing Overview
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configuring Application Aware Routing
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
RECENT POSTS
- Advancing Your Career with Cisco Data Center Mastery: A Comprehensive Guide to Nexus Training
- Securing Networks in the Digital Age: Your Guide to Mastering Cisco Identity Services Engine (ISE)
- Becoming an AWS Solution Architect: Your Path to Cloud Expertise
- Navigating Your Journey to Docker Expertise: Master Docker with Comprehensive Training and Certification
- Transform Your Azure Networking Expertise Through AZ-700 Training
- Why Choose DClessons for Your SD-WAN Velocloud Training Needs
- Next-Level Networking: Unlocking Cisco ACI and DCACIA Potential with DClessons
- Mastering Data Center Technologies with DClessons: A Comprehensive Guide to Cisco CCIE Data Center Training
- Why Choose Cisco SD-WAN Solutions with DClessons?
- What is Docker and Why is It Important?
LEAVE A COMMENT
Please login here to comment.