EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFService Insertion FW traffic flow
Service Insertion FW traffic flow
Task: Configure Service Insertion FW in such a way that traffic from Branch1 to Branch 2 traverse through FW at DC1 or DC2.
Configure the Following to achieve this task:
Topology:
Solution:
Go to Configuration | Policy | Centralized Policy | Add Policy | Create Groups of Interest | Next to move to Configure Topology & VPN Membership
Click Add Topology | Custom Control Topology | Name Multi-Topology-FW | Sequence Type Route: Name: VPN20toDC | Match Site Id All-Branches, VPN-id Secpci-VPN | Action Accept, Set TLOC: DC-TLOCs
Click Sequence Type: Route | Name FW-Service-Insertion | Match VPN ID: Corp-VPN, Site ID: All-Branches | Match Accept | Service FW VPN 10 |
Default Action | Accept
Click on VPN Membership | Add VPN Membership Policy | Name Drop-GuestWifi-VPN40 | Site List: All-Branches, VPN-List Corp-VPN, SecPci-VPN | Save
Click Next to Move Traffic Data Rules | Traffic Data | Add Policy | Create New | Name Application Firewall Drop
Comment
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Configure vManage & Generate Certificate
- Configure vBond & Generate Certificate
- Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- Secure DataPlane Bringup
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Application – Aware Routing Overview
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configuring Application Aware Routing
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
RECENT POSTS
- Advancing Your Career with Cisco Data Center Mastery: A Comprehensive Guide to Nexus Training
- Securing Networks in the Digital Age: Your Guide to Mastering Cisco Identity Services Engine (ISE)
- Becoming an AWS Solution Architect: Your Path to Cloud Expertise
- Navigating Your Journey to Docker Expertise: Master Docker with Comprehensive Training and Certification
- Transform Your Azure Networking Expertise Through AZ-700 Training
- Why Choose DClessons for Your SD-WAN Velocloud Training Needs
- Next-Level Networking: Unlocking Cisco ACI and DCACIA Potential with DClessons
- Mastering Data Center Technologies with DClessons: A Comprehensive Guide to Cisco CCIE Data Center Training
- Why Choose Cisco SD-WAN Solutions with DClessons?
- What is Docker and Why is It Important?
LEAVE A COMMENT
Please login here to comment.