Cisco Cisco ASA 5545-X Adaptive Security Appliance Manual Técnica
2
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(3)
Northbound API
•
•
•
•
•
•
•
Northbound API
The following is a sample XML for accessing the ASA. For a multi-context ASA, access information
directly under vnsLDevVip is that of the admin context in the ASA; the one in the vnsCDev folder is that
of the target user context. Again, admin context can be used as the target user context.
directly under vnsLDevVip is that of the admin context in the ASA; the one in the vnsCDev folder is that
of the target user context. Again, admin context can be used as the target user context.
Only one context from a given multi-context ASA is allowed here.
<polUni>
<fvTenant
dn="uni/tn-tenant1"
name="tenant1">
<vnsLDevVip name="Firewall" devtype="PHYSICAL">
<vnsRsMDevAtt tDn="uni/infra/mDev-CISCO-ASA-1.2"/>
<!---Admin context access information ---/>
<vnsCMgmt name="devMgmt" host="172.23.204.205" port="443"/>
<vnsCCred name="username" value="admin"/>
<vnsCCredSecret name="password" value="somepassword"/>
<vnsCDev name="ASA">
<!---User context access information ---/>
<vnsCMgmt name="devMgmt" host="172.23.204.123" port="443" />
<vnsCCred name="username" value="admin" />
<vnsCCredSecret name="password" value="otherpassword" />
</vnsCDev>
</vnsLDevVip>
</fvTenant>
</polUni>
Interfaces
Interfaces are typically set up as part of the overall infrastructure on the APIC using a service graph. The
graphs are associated with contracts, concrete devices, logical devices, and logical interfaces. The graphs
also require the interface IP addresses to be in an appropriate range previously defined for the associated
tenant. The graph setups show the various interface types. For an ASAv, interfaces are defined on the
ASA itself using the physical interfaces; for the hardware ASAs, interfaces are defined using VLANs.
The XML files to define the interfaces are the same, and the device package uses the “devtype” field
graphs are associated with contracts, concrete devices, logical devices, and logical interfaces. The graphs
also require the interface IP addresses to be in an appropriate range previously defined for the associated
tenant. The graph setups show the various interface types. For an ASAv, interfaces are defined on the
ASA itself using the physical interfaces; for the hardware ASAs, interfaces are defined using VLANs.
The XML files to define the interfaces are the same, and the device package uses the “devtype” field