Cisco Cisco ASA 5525-X Adaptive Security Appliance - No Payload Encryption Manual Técnica
7
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(1)
Interfaces
Port Channel Interfaces
This XML example creates the following port channel members and port channel interfaces (supported
only on physical ASAs at this time).
only on physical ASAs at this time).
ASA Configuration
interface GigabitEthernet0/0
channel-group 2 mode active
no nameif
no security-level
no ip address
interface GigabitEthernet0/1
channel-group 1 mode active
no nameif
no security-level
no ip address
interface Port-channel1.100
vlan 100
nameif externalIf
security-level 50
ip address 20.20.20.20 255.255.255.0 standby 20.20.20.21
interface Port-channel2.200
vlan 200
nameif internalIf
ip address 10.10.10.10 255.255.255.0 standby 10.10.10.11
XML Example
Define the port channel members, graph, then attach them to the tenant.
<polUni>
<fvTenant dn="uni/tn-tenant1" name="tenant1">
<vnsLDevVip name="Firewall" funcType="GoTo" devtype="PHYSICAL">
<vnsRsMDevAtt tDn="uni/infra/mDev-CISCO-ASA-{dp_version}"/>
<vnsRsALDevToPhysDomP tDn="uni/phys-phys"/>
<vnsCMgmt name="devMgmt" host="10.122.202.33" port="443" />
<vnsCCred name="username" value="management-user"/>
<vnsCCredSecret name="password" value="cisco"/>
<vnsDevFolder key="PortChannelMember" name="PC1a">
<vnsDevParam key="port_channel_id" name="PC1a" value="1"/>
<vnsDevParam key="interface" name="PC1a" value="Gig0/1"/>
</vnsDevFolder>
<vnsDevFolder key="PortChannelMember" name="PC2a">
<vnsDevParam key="port_channel_id" name="PC2a" value="2"/>
<vnsDevParam key="interface" name="PC2a" value="Gig0/0"/>
</vnsDevFolder>
</vnsLDevVip>
<vnsLDevCtx ctrctNameOrLbl="webCtrct" graphNameOrLbl="WebGraph" nodeNameOrLbl="FW1">
<vnsRsLDevCtxToLDev tDn="uni/tn-tenant1/lDevVip-Firewall"/>
<vnsLIfCtx connNameOrLbl="internal">
<vnsRsLIfCtxToBD tDn= "uni/tn-tenant1/BD-tenant1BD1"/>
<vnsRsLIfCtxToLIf tDn="uni/tn-tenant1/lDevVip-Firewall/lIf-internalPC"/>
</vnsLIfCtx>
<vnsLIfCtx connNameOrLbl="external">
<vnsRsLIfCtxToLIf tDn="uni/tn-tenant1/lDevVip-Firewall/lIf-externalPC"/>