Following is the virtual Lab topology, which consists of the following virtual machines:
● vCenter Server (also use as the RDP jump box)
● ACI Simulator – release version 0.1e
● APIC-1
● Leafl and Leaf2
● Spine-1
● ESXi-1
● ESXi-2
● Linux
Task 1: The Following task will be completed.
● Creating Filters
● Creating Contracts
Explanation
To build the foundation of the application profile, it is necessary to create filters within our tenant that will be utilized by the contracts. Those contracts will then be associated with EPGs that will make up our 3-‐Tier application profile. The following are tasks that will be completed in this section of the lab.
Creating Filters:
Note: PLEASE MAKE SURE THAT YOU ARE ON THE “Uninets” TENANT BEFORE CREATING FILTERS AND CONTRACTS
Create Web Filter
In this portion of the lab, we will first create a Web Server Filter
1) In the Uninets tenant, expand the “Security Policies” window on the left-‐hand panel
2) Select the “Filters” section
3) on the right-‐hand panel, click on the “ACTIONS” button
4) Select “Create Filter”
PLEASE FOLLW THE FOLLOWING STEPS:
1) In the “Name” window, type in Web_Filter
2) On the “Entries:” window, click on the “+” and a new entry window will Please provide the following information under each window:
● Name: web_filter
● EtherType: IP
● ARP Flag: Nothing
● IP Protocol: tcp
● Source Port/Range (From): Unspecified
● Source Port/Range (To): Unspecified
● Destination Port/Range (From): http
● Destination Port/Range (To): http
● TCP Session Rules: Unspecified
3) Click on “UPDATE”
4) Once the “UPDATE” button is clicked, the “SUBMIT” button will be active. Please click on “SUBMIT” to create the web
Create App Filter
1) Click on the “ACTIONS” button
2) Select “Create Filter”
1) In the “Name” window, type in App_Filter
2) On the “Entries:” window, click on the “+” and a new entry window will appear. Please provide the following information under each window:
● Name: app_filter
● EtherType: IP
● ARP Flag:
● IP Protocol: tcp
● Source Port/Range (From): Unspecified
● Source Port/Range (To): Unspecified
● Destination Port/Range (From): 1433
● Destination Port/Range (To): 1433
● TCP Session Rules: Unspecified
Note:
When entering in “1433” into the window for “Destination Port/Range (From)” and “Destination Port/Range (To)”, make sure that you do not hit the tab key after entering in 1433. If you do so, the window may choose “https” or another entry in the options. So make sure that after you enter 1433, that the window shows 1433.
3) Click on “UPDATE”
Create DB Filter
We will now create a Database Server filter
1) Click on the “ACTIONS” button
2) Select “Create Filter”
1) In the “Name” window, type in DB_Filter
2) On the “Entries:” window, click on the “+” and a new entry window will appear. Please provide the following information under each window:
● Name: db_filter
● EtherType: IP
● ARP Flag:
● IP Protocol: tcp
● Source Port/Range (From): Unspecified
● Source Port/Range (To): Unspecified
● Destination Port/Range (From): 1521
● Destination Port/Range (To): 1521
● TCP Session Rules: Unspecified
Click on “UPDATE”
Screen Shots for all Filter Created.
Creating Contracts
With the filters created, we will now create the contracts that will use those filters. Please follow the procedures below to create the various contracts and associate the filters to those contracts.
Create Web Contract
We will first create a Web Server Contract
1) In the Uninets tenant, expand the “Security Policies” window on the left-‐hand panel
2) Select the “Contracts” section
3) On the right-‐hand panel, click on the “ACTIONS” button
4)Select “Create Contract”
Lets Create Contracts as mentioned:
1) In the “Name” window, type in Web_Con
2) Leave the other boxes default and click on the “+” next to “Subjects:”
1) In the “Name” window, type in web_subj
2) Make sure both “Reverse Filter Ports” and “Apply Both Directions” check box is checked
3) Under the “Filter Chain” window, click on the “+” sign to add a filter
4) From the drop-‐down arrow, click on that arrowto show the listof filters and select “Web_Filter” under the “Uninets” tenant
5) Once selected, click on “Update”
1) Click on “OK” to complete the filter chain selection
2) Please click on “SUBMIT” button to create the web server
3) We will now create an Application Server Contract and DB Contracts. In same
Screen Shots for App Contracts and its association with App_Filter
Screen Shots for DB Contracts and its association with DB_Filter
Below Figure will show you
Alok Rastogi is a highly experienced data center administrator and certified trainer. Currently he is working with one of the top IT companies in India. He has done CCIE DC and have more than 15 years of working experience in top companies in India. He is working as a consultant with MNC's for long years. Working experience in data center ...
More... | Author`s Bog | Book a Meeting
Its nice, better to have more tasks like these to practice more on cisco ACI.