Cisco Cisco ASA 5585-X with No Payload Encryption Manual Técnica
5
XML Examples for the Cisco Application Centric Infrastructure Security Device Package, Version 1.2(6)
Interfaces
Routed Firewall Interfaces
This XML example creates the following routed interfaces. The example is for a hardware ASA; VLANs
are dynamically assigned.
are dynamically assigned.
ASA Configuration
interface GigabitEthernet0/0.655
vlan 655
mac-address 00aa.00bb.00cc standby 00ff.00ff.ffff
nameif externalIf
security-level 50
ip address 20.20.20.20 255.255.255.0 standby 20.20.20.21
interface GigabitEthernet0/1.968
vlan 968
nameif internalIf
security-level 100
ip address 10.10.10.10 255.255.255.0 standby 10.10.10.11
XML Example
Define a graph, then attach it to the tenant.
polUni>
<fvTenant name="tenant1">
<vnsAbsGraph name = "WebGraph">
<vnsAbsTermNodeCon name = "Input1">
<vnsAbsTermConn name = "C1">
</vnsAbsTermConn>
</vnsAbsTermNodeCon>
<!-- FW1 Provides FW functionality -->
<vnsAbsNode name = "FW1">
<vnsRsDefaultScopeToTerm tDn="uni/tn-tenant1/AbsGraph-WebGraph/AbsTermNodeProv-Output1/outtmnl"/>
<vnsAbsFuncConn name = "external" attNotify="yes">
<vnsRsMConnAtt tDn="uni/infra/mDev-CISCO-ASA-{dp_version}/mFunc-Firewall/mConn-external" />
</vnsAbsFuncConn>
<vnsAbsFuncConn name = "internal" attNotify="yes">
<vnsRsMConnAtt tDn="uni/infra/mDev-CISCO-ASA-{dp_version}/mFunc-Firewall/mConn-internal" />
</vnsAbsFuncConn>
<vnsAbsDevCfg>
<vnsAbsFolder key="Interface" name="internalIf">
<vnsAbsFolder key="InterfaceConfig" name="internalIfCfg">
<vnsAbsFolder key="IPv4Address" name="internalIfIP">
<vnsAbsParam key="ipv4_address" name="ipv4_internal" value="10.10.10.10/255.255.255.0"/>
<vnsAbsParam key="ipv4_standby_address" name="ipv4_internals" value="10.10.10.11"/>
</vnsAbsFolder>
<vnsAbsParam key="security_level" name="internal_security_level" value="100"/>
</vnsAbsFolder>
</vnsAbsFolder>
<vnsAbsFolder key="Interface" name="externalIf">
<vnsAbsFolder key="InterfaceConfig" name="externalIfCfg">
<vnsAbsFolder key="IPv4Address" name="externalIfIP">
<vnsAbsParam key="ipv4_address" name="ipv4_external" value="20.20.20.20/255.255.255.0"/>
<vnsAbsParam key="ipv4_standby_address" name="ipv4_externals" value="20.20.20.21"/>