Cisco ACI Initial APIC configuration

There are a lot of blog posts around about the Cisco ACI technology and design tips and tricks. If you want to know more about ACI, please read the Cisco ACI Fundamentials 
This post describes your first steps to create and installation of a ACI fabric. Our example design will look like this:
ACI network layout
Our network will exist in only one datacenter with two spine switches, two leaf switches and two  APIC controllers. The spine and leaf switches are connected with 40Gb/s, the APIC controllers are multihomed with 1Gb/s links.
Read more

Installing Cisco WSA

In this and other posts we’ll discuss the Cisco Web Security Appliance. This is the blog agenda:
Part 1: Introduction
Part 2: Installing
Part 3: Deploying Proxy Services
Part 4: Policies
Part 5: Acceptable use & HTTPS Inspection
Part 6: Authentication
Part 7: Defending malware
This is the 2nd post in the series.
Installation of the (virtual) WSA is straight forward. I’ll cover the most important and critical steps in a basic installation.
Hardware appliance
A hardware appliances has 5 interfaces, connect the required interface to your network:

  • T1 + T2 (used for L4TM only)
  • P1 + P2  (used for web proxy)
  • M1 (management or web proxy)

Virtual appliance
The virtual appliance is downloadable as a OVF file. Import the OVF file into you VMWare servers with the specifications as described in the previous blog post.
Your first basic installation starts with connecting to the M1 port and browse to: and login with these default credentials:

  • username: admin
  • password: ironport

You can also connect with SSH with the same login credentials. Start the interface config with the interfaceonfig command:

  • Run edit command
  • enter number 1
  • Enter IP address, netmaks and hostname.

Run  Setgateway
Select the M1 interface and enter the IP of the default gateway.
Don’t forget to commit the changes with the commit command. This is only needed for CLI configuration.
And the WSA appliance is up and running!
installation done
Read more

Cisco ISE Part 2: Installation

This is a Cisco ISE blog post series with some how-to’s for configuring the ISE deployment, This blog post series exists of 10 parts.
The blogpost Agenda:

  • Part 1: introduction
  • Part 2: installation
  • Part 3: Active Directory
  • Part 4: High Availability
  • Part 5: Configuring wired network devices
  • Part 6: Policy enforcement and MAB
  • Part 7: Configuring wireless network devices
  • Part 8: Inline posture and VPN
  • Part 9: Guest and web authentication
  • Part 10: Profiling and posture

This week, part 2: installation.
Cisco ISE installation
After installation of the software, type “setup” in the username field on the console.
A wizard appears, complete this wizard with the following information:

  • Hostname
  • IP adress
  • Netmask
  • Default Gateway
  • DNS domain
  • Nameservers
  • NTP server
  • Timezone (try to use UTC)
  • Enter a useraccount for the first admin user
  • Enter the password for this user

Make sure the NTP server is correct and reachable, NTP is important for the ISE deployment.
During the wizard proces, enter a database password and a database user password.
After the wizard, it can take up to 30 minutes before the setup completes. So, grab a coffee or something.
Read more