Cisco Cisco ASA 5545-X Adaptive Security Appliance - No Payload Encryption Technisches Handbuch
27
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(6)
Support for Cisco TrustSec
</vnsLDevVip>
</fvTenant>
</polUni>
'''
Manually Assigning a Security Group Tag (SGT) to an IP Host Mapping
Manually
Manually
test2_trustSecxml='''\
<polUni>
<fvTenant name="tenant1">
<vnsLDevVip name="Firewall">
<vnsDevFolder key="TrustSec" name="TrustSec">
<vnsDevFolder key="TrustSecSGTMap" name="SGTMap">
<vnsDevParam key="ip_address" name="ip_address" value="30.30.30.100"/>
<vnsDevParam key="security_group_tag" name="tag" value="100"/>
</vnsDevFolder>
<vnsDevFolder key="TrustSecSGTMap" name="SGTMap2">
<vnsDevParam key="ip_address" name="ip_address" value="2001:3030:30::112"/>
<vnsDevParam key="security_group_tag" name="tag" value="65519"/>
</vnsDevFolder>
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>
'''
Configuring a TrustSec SXP Configuration to Get SGT From an AAA-Server
test3_trustSecxml='''\
<polUni>
<fvTenant name="tenant1">
<vnsLDevVip name="Firewall">
<vnsDevFolder key="TrustSec" name="TrustSec">
<vnsDevFolder key="SXP" name="SXP">
<vnsDevParam key="default_password" name="default_password" value="cisco123"/>
<vnsDevParam key="retry_period" name="retry_period" value="60"/>
<vnsDevParam key="enable" name="enable" value="true"/>
<vnsDevParam key="reconciliation_period" name="reconciliation_period" value="60"/>
</vnsDevFolder>
</vnsDevFolder>
</vnsLDevVip>
</fvTenant>
</polUni>
'''
Configuring a SXP Listener and Speaker
test4_trustSecxml='''\
<polUni>
<fvTenant name="tenant1">
<vnsLDevVip name="Firewall">
<vnsDevFolder key="TrustSec" name="TrustSec">
<vnsDevFolder key="SXP" name="SXP">