CISCO logoAmata ile Cisco DNA Center ile AWSCISCO Amata ile DNA Center ile AWS

Mataupu lalafi
1 Cisco DNA Center ile AWS Overview
2 Fa'atonuina ua umaview
3 Sauniuni mo le Fa'asoa
4 Pepa / Punaoa
4.1 Fa'asinomaga
5 Fa'amatalaga Fa'atatau

Cisco DNA Center ile AWS Overview

CISCO Amata ile DNA Center ile AWS - Fa'ailoga 1 Manatua
Cisco DNA Center ua toe fa'ailogaina o le Catalyst Center, ma Cisco DNA Center VA Launchpad ua toe fa'aigoaina o Cisco Global Launchpad. I le faagasologa o le toe fa'ailoga, o le a e va'ai i igoa muamua ma igoa toe fa'aigoaina o lo'o fa'aogaina i fa'amaoniga eseese. Ae ui i lea, o Cisco DNA Center ma Catalyst Center e faasino i le oloa lava e tasi, ma Cisco DNA Center VA Launchpad ma Cisco Global Launchpad e faasino i le oloa lava e tasi.
Cisco DNA Center e ofoina atu le faʻatonuga, pulega faʻapitoa e faʻavave ma faigofie ona mamanuina, tuʻuina atu, ma faʻaoga faiga faʻavae i luga o lau siosiomaga fesoʻotaʻiga. O le Cisco DNA Center faʻaoga faʻaoga faʻaoga e maua ai le vaʻaia o fesoʻotaʻiga pito i luga ma faʻaogaina faʻamatalaga fesoʻotaʻiga e faʻamalieina ai le faʻaogaina o fesoʻotaʻiga ma tuʻuina atu le faʻaoga sili ona lelei ma le faʻaogaina o le poto masani.
Cisco DNA Center ile Amazon Web Au'aunaga (AWS) o lo'o tu'uina atu ai le fa'atinoga atoatoa o lo'o ofoina mai e le Cisco DNA Center meafaigaluega. Cisco DNA Center i luga o le AWS e tamoe i lau siosiomaga AWS ao ma pulea lau fesoʻotaʻiga mai le ao.

Ituaiga So'oga

  • Fesoʻotaʻi tuʻusaʻo
  • SD-WAN
  • Co-lo
  • (IPsec Tunnel

CISCO Amata i le Nofoaga Autu DNA i luga ole AWS - Fa'ato'a Fa'aumaview

Fa'atonuina ua umaview

E tolu auala e faʻapipiʻi ai Cisco DNA Center ile AWS:

  • Fa'atonu Fa'atonu: Cisco Global Launchpad configures Cisco DNA Center ile AWS. E fesoasoani ia te oe e fatuina au'aunaga ma vaega e mana'omia mo atina'e ao. Mo exampO lea, e fesoasoani i le fatuina o Cloud Private Clouds (VPCs), subnets, vaega saogalemu, tunnels IPsec VPN, ma faitotoa. Ona faʻaaogaina lea e le Cisco DNA Center Amazon Machine Image (AMI) e avea o se Amazon Elastic Compute Cloud (EC2) faʻatasi ma le faʻatonuga faʻatulagaina i se VPC fou faʻatasi ai ma subnets, auala feʻaveaʻi, ma isi punaoa taua e pei o Amazon CloudWatch mo le mataʻituina, Amazon DynamoDB mo setete teuina, ma vaega saogalemu.
    Cisco e tuʻuina atu auala e lua mo oe e faʻaaoga ai Cisco Global Launchpad. E mafai ona e siiina ma faʻapipiʻi Cisco Global Launchpad i luga o se masini faʻapitonuʻu, pe mafai foi ona e mauaina Cisco Global Launchpad faʻafeiloaʻi e Cisco. Po o le a lava le auala, Cisco Global Launchpad e maua ai meafaigaluega e te manaʻomia e faʻapipiʻi ma pulea lau Cisco DNA Center Virtual Appliance (VA).
    Mo nisi faʻamatalaga, vaʻai Faʻaaoga le Cisco Global Launchpad 1.8 poʻo le Deploy Use Cisco Global Launchpad 1.7.
  • Fa'atonuga Tusia Fa'aaogāina AWS CloudFormation: E te fa'apipi'i lima le Cisco DNA Center AMI i lau AWS. Nai lo le faʻaaogaina o le Cisco Global Launchpad deployment tool, e te faʻaogaina le AWS CloudFormation, o se meafaigaluega faʻapipiʻi i totonu o le AWS. Ona e faʻatulagaina lea ma le lima le Cisco DNA Center e ala i le fatuina o atinaʻe AWS, faʻatuina se alalaupapa VPN, ma faʻapipiʻi lau Cisco DNA Center VA. Mo nisi faʻamatalaga, vaʻai Faʻapipiʻi Faʻaaogaina AWS CloudFormation.
  • Fa'aoga Tusia le Fa'aaogaina o le AWS Maketi: E te fa'apipi'i lima le Cisco DNA Center AMI i lau fa'amatalaga AWS. Nai lo le faʻaaogaina o le Cisco Global Launchpad deployment tool, e te faʻaogaina le AWS Marketplace, o se faleoloa komepiuta i luga ole laiga i totonu ole AWS. E te faʻalauiloaina le polokalama e ala i le Amazon EC2 faʻalauiloaina faʻamafanafanaga, ona e faʻaogaina lea ma le lima le Cisco DNA Center e ala i le fatuina o le AWS infrastructure, faʻavaeina se VPN tunnel, ma faʻapipiʻi lau Cisco DNA Center VA. Manatua o lenei auala faʻapipiʻi, naʻo le Launch through EC2 e lagolagoina. O isi filifiliga faʻalauiloa e lua (Laumata mai Website ma Copy to Service Catalog) e le lagolagoina. Mo nisi fa'amatalaga, va'ai Fa'aaoga le AWS Maketi.

Afai e itiiti sou poto masani i le pulega a le AWS, o le auala faʻapitoa ma Cisco Global Launchpad o loʻo ofoina atu le faʻaogaina o le faʻaogaina o le faʻaogaina. Afai e te masani i le pulega a le AWS ma o loʻo i ai VPC o loʻo i ai, o auala tusi lesona e ofoina atu se isi faʻatulagaga faʻapipiʻi.
Mafaufau i faʻamanuiaga ma faʻaletonu o metotia taʻitasi ma le laulau lenei:

Fa'atonuina fa'atasi ma Cisco Global Launchpad Fa'atonuga Tusia Fa'aaogāina AWS CloudFormation Fa'atonuga Tusia Fa'aaogā le AWS Maketi
• E fesoasoani i le fausiaina o atinaʻe AWS, e pei o VPCs,
subnets, vaega saogalemu, IPsec VPN tunnels, ma faitotoa, i lau tala AWS.
• E otometi ona faʻamaeʻaina le faʻapipiʻiina o Cisco DNA
Nofoaga Tutotonu.
• E maua ai le avanoa i au VA.
• E maua ai le fa'afoeina o au VA.
• Taimi fa'atino e tusa ma le 1- 1½ itula.
• O fa'asalalauga fa'aautometi e lafo i lau Amazon CloudWatch
laupapa laupapa.
• E mafai ona e filifili i le va o se ao otometi po'o se atina'e Network File Fa'atonuga (NFS).
• So'o se suiga o le tusi lesona e faia i le fa'aogaina otometi a le Cisco DNA Center i luga o le AWS e mafai ona mafua ai le fete'ena'i ma le fa'aogaina otometi.		 • Le AWS CloudFormation file e manaʻomia le fatuina o se Cisco DNA Center VA i luga ole AWS.
• E te fatuina mea tetele AWS, e pei o VPCs, subnets, ma vaega saogalemu, i lau AWS account.
• E te fa'atuina se alavai VPN.
• E te fa'aogaina Cisco DNA Center.
• Taimi fa'atino e tusa ma le lua itula ile lua aso.
• E te manaʻomia le faʻatulagaina o le mataʻituina ma le lima e ala i le faʻamafanafanaga AWS.
• E mafai ona e fa'atulagaina na'o se NFS i le nofoaga mo fa'amaumauga.		 • Le AWS CloudFormation file e le mana'omia ona fai a
Cisco DNA Center VA ile AWS.
• E te fatuina mea tetele AWS, e pei o VPCs, subnets, ma vaega saogalemu, i lau AWS account.
• E te fa'atuina se alavai VPN.
• E te fa'aogaina Cisco DNA Center.
• Taimi fa'atino e tusa ma le lua itula ile lua aso.
• E te manaʻomia le faʻatulagaina o le mataʻituina ma le lima e ala i le faʻamafanafanaga AWS.
• E mafai ona e fa'atulagaina na'o se NFS i le nofoaga mo fa'amaumauga.

Sauniuni mo le Fa'asoa

Ae e te leʻi faʻapipiʻiina Cisco DNA Center i luga o le AWS, mafaufau i au fesoʻotaʻiga manaʻoga ma pe afai e te manaʻomia le faʻatinoina o le Cisco DNA Center lagolago ile AWS integrations ma pe faʻapefea ona e mauaina Cisco DNA Center ile AWS.
E le gata i lea, ua fautuaina malosi e Cisco oe e faʻamaonia o le Cisco DNA Center VA TAR file na e siiina mai o se Cisco TAR moni file. Va'ai Fa'amaonia le Cisco DNA Center VA TAR File, i le itulau e 6.

Avanoa Maualuga ma Cisco DNA Center i luga ole AWS
Ole Cisco DNA Center ile AWS maualuga avanoa (HA) faʻatinoga e faʻapea:

  • Node tasi EC2 HA i totonu o se Avanoa Sone (AZ) e mafai ona fa'aletonu.
  • Afai e paʻu se Cisco DNA Center EC2 faʻataʻitaʻiga, e otometi lava ona aumaia e le AWS se isi faʻataʻitaʻiga ma le tuatusi IP tutusa. Ole mea lea e fa'amautinoa ai feso'ota'iga le motusia ma fa'aitiitia fa'alavelave i taimi fa'alavelave fa'agaioiga feso'otaiga.
    CISCO Amata ile DNA Center ile AWS - Fa'ailoga 1 Manatua
    Afai e te faʻapipiʻi Cisco DNA Center i luga ole AWS e faʻaaoga ai Cisco Global Launchpad, Faʻasaʻo 1.5.0 poʻo muamua ma faʻalavelave faʻalavelave Cisco DNA Center EC2, otometi lava ona aumaia e AWS se isi faʻataʻitaʻiga i le AZ lava e tasi. I lenei tulaga, e mafai e le AWS ona tofia Cisco DNA Center se tuatusi IP ese.
  • O le poto masani ma le Toe Fa'aleleia Taimi Sini (RTO) e tutusa ma le mana outage fa'asologa i se masini Cisco DNA Center e leai ni u'amea.

Ta'iala mo le tu'ufa'atasia o Cisco ISE ile AWS ma le Cisco DNA Center ile AWS
Cisco ISE i luga ole AWS e mafai ona tuʻufaʻatasia ma Cisco DNA Center ile AWS. Ina ia tuufaatasia i latou i le ao, mafaufau i taiala nei:

  • Cisco ISE i luga o le AWS e tatau ona faʻapipiʻiina i se VPC ese mai le tasi faʻaagaga mo Cisco Global Launchpad.
  • O le VPC mo Cisco ISE i luga o le AWS e mafai ona i ai i le itulagi tutusa poʻo se isi itulagi mai le VPC mo Cisco DNA Center i luga o AWS.
  • E mafai ona e fa'aogaina le VPC po'o le Transit Gateway (TGW) e va'ava'ai, fa'alagolago i lou si'osi'omaga.
  • Ina ia faʻafesoʻotaʻi le Cisco DNA Center i luga o le AWS ma Cisco ISE i luga ole AWS e faʻaaoga ai le VPC poʻo le TGW peering, faʻaopoopo le manaʻomia faʻauluina faʻasologa i le VPC poʻo le TGW peering auala laulau ma i le auala laulau o loʻo faʻapipiʻi i le subnet e fesoʻotaʻi ma Cisco DNA Center i luga. AWS poʻo Cisco ISE ile AWS.
  • Cisco Global Launchpad e le mafai ona iloa soʻo se suiga i fafo atu o le faʻalapotopotoga i faʻalapotopotoga na faia e Cisco Global Launchpad. O nei fa'alapotopotoga e aofia ai VPCs, VPNs, TGWs, TGW fa'apipi'i, subnets, ta'avale, ma isi. Mo example, e mafai ona tape pe suia se VA pod na faia e Cisco Global Launchpad mai se isi talosaga, ma Cisco Global Launchpad e le iloa e uiga i lenei suiga.

I le faaopoopo atu i tulafono faigofie e mafai ona maua, e te manaʻomia le faʻatagaina o ports i totonu mo le faʻapipiʻiina o se vaega saogalemu i le Cisco ISE faʻataʻitaʻiga i le ao:

  • Mo Cisco DNA Center i luga ole AWS ma Cisco ISE ile AWS tu'ufa'atasia, fa'ataga TCP ports 9060 ma 8910.
  • Mo radius fa'amaoni, fa'ataga UDP ports 1812, 1813, ma so'o se isi lava ports mafai.
  • Mo le pulega o masini e ala i le TACACS, fa'ataga le TCP port 49.
  • Mo fa'aopoopoga fa'aopoopo, pei ole Datagram Transport Layer Security (DTLS) poʻo le RADIUS Suiga o le Faʻatagaina (CoA) faia i Cisco ISE i luga o le AWS, faʻatagaina ports talafeagai.

Ta'iala mo le Avanoa Cisco DNA Center ile AWS
A maeʻa ona e faia se faʻataʻitaʻiga faʻapitoa o Cisco DNA Center, e mafai ona e mauaina e ala i le Cisco DNA Center GUI ma CLI.

CISCO Amata ile DNA Center ile AWS - Fa'ailoga 2 Taua
O le Cisco DNA Center GUI ma le CLI e mafai ona maua na'o le Enterprise network, ae le o le lautele. Faatasi ai ma le auala faʻapipiʻi otometi, Cisco Global Launchpad faʻamautinoa e mafai ona maua le Cisco DNA Center mai le Initaneti intranet. Faatasi ai ma le auala faʻapipiʻi tusi, e tatau ona e faʻamautinoa e le mafai ona maua le Cisco DNA Center i luga o le initaneti lautele mo mafuaaga saogalemu.
Ta'iala mo le Avanoa i le Cisco DNA Center GUI
Ina ia maua le Cisco DNA Center GUI:

  • Fa'aaogā se su'esu'ega lagolago. Mo se lisi o loʻo iai nei o suʻesuʻega lagolago, vaʻai i le Faʻamatalaga Faʻamatalaga mo Cisco Global Launchpad.
  • I totonu o se suʻesuʻega, faʻapipiʻi le tuatusi IP o lau Cisco DNA Center faʻataʻitaʻiga i le faatulagaga lenei: http://ip-address/dna/home
    Mo exampLe: http://192.0.2.27/dna/home
  • Fa'aaogā fa'ailoga nei mo le saini muamua:
    Username: admin
    Upu faataga: maglev1@3

Manatua
E mana'omia oe e sui lenei fa'aupuga pe a e ulufale i le Cisco DNA Center mo le taimi muamua. O le upu faataga e tatau ona:

  • Aveese so'o se fa'amaufa'ailoga po'o laina fa'amavae
  • Ia le itiiti ifo i le valu mataitusi
  • E iai mataitusi mai le itiiti ifo ma le tolu o vaega nei:
  • Mataitusi laiti (az)
  • Mataitusi tetele (AZ)
  • Numera (0-9)
  • Fa'ailoga fa'apitoa (mo fa'ata'ita'igaample, ! po'o #)

Ta'iala mo le Avanoa ile Cisco DNA Center CLI
Ina ia maua le Cisco DNA Center CLI:

  • Fa'aoga le tuatusi IP ma ki e fetaui ma le metotia na e fa'aogaina e fa'aogaina ai le Cisco DNA Center:
    • Afai na e faʻaaogaina Cisco DNA Center e faʻaaoga ai Cisco Global Launchpad, faʻaaoga le tuatusi IP ma ki na tuʻuina mai e Cisco Global Launchpad.
    • Afai na e fa'aogaina ma le lima le Cisco DNA Center e fa'aaoga ai le AWS, fa'aoga le tuatusi IP ma ki na tu'uina mai e le AWS.
      CISCO Amata ile DNA Center ile AWS - Fa'ailoga 1 Manatua
      O le ki e tatau ona .pem file. Afai o le ki file o lo'o la'u mai e fai ma key.cer file, e tatau ona e toe faaigoa le file i le ki.pem.
  • Suia ma le lima fa'atagaga avanoa ile key.pem file i le 400. Fa'aaoga le Linux chmod command e sui ai fa'atagaga avanoa. Mo example: chmod 400 key.pem
  • Fa'aoga le fa'atonuga Linux lea e maua ai le Cisco DNA Center CLI: ssh -i key.pem maglev@ip-address -p 2222
    Mo example: ssh -i key.pem maglev@192.0.2.27 -p 2222

Fa'amaonia le Cisco DNA Center VA TAR File
Aʻo leʻi faʻapipiʻiina le Cisco DNA Center VA, matou te fautuaina malosi e te faʻamaonia o le TAR file na e siiina mai o se Cisco TAR moni file.
Ae e te le'i amataina
Ia mautinoa ua e siiina mai le Cisco DNA Center VA TAR file mai le Cisco Software Download site.
Taualumaga
Laasaga 1
Sii mai le Cisco lautele ki (cisco_image_verification_key.pub) mo le saini faʻamaonia mai le nofoaga faʻamaonia e Cisco.
Laasaga 2
La'u mai le su'ega o le hash algorithm (SHA512). file mo le TAR file mai le nofoaga na faʻamaonia e Cisco.
Laasaga 3
Maua le TAR filesaini file (.sig) mai Cisco lagolago e ala i imeli po o le download mai le Cisco saogalemu webnofoaga (pe a maua).
Laasaga 4
(Filifili) Faia se fa'amaoniga SHA e iloa ai pe o le TAR file ua leaga ona o se vaega o le download.
Fa'alagolago i lau faiga fa'aoga, fa'aofi se tasi o tulafono nei:

  • I luga o se faiga Linux: sha512sumfile-fileigoa>
  • I luga o le Mac system: shasum -a 512file-fileigoa>

Microsoft Windows e le o aofia ai se faʻaogaina o siaki siaki, ae e mafai ona e faʻaogaina le meafaigaluega certutil: certutil -hashfile <fileigoa> sha256
Mo example: certutil -hashfile D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz sha256
I luga o Windows, e mafai foʻi ona e faʻaogaina le Windows PowerShell e faʻatupu ai le faʻasologa. Mo exampLe:
PS C:\Users\Administrator> Get-FileHash -Ala
D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz
Algorithm Hash Path
SHA256 D:\Customers\Launchpad-desktop-server-1.x.0.tar.gz
Fa'atusatusa le fa'atonuga i le SHA512 siaki siaki file na e sii maia. Afai e le fetaui le faʻatonuga, download le TAR file toe fai le poloaiga talafeagai mo le taimi lona lua. Afai e le'o fetaui le fa'atinoga, fa'afeso'ota'i le lagolago a Cisco.
Laasaga 5
Faʻamaonia o le TAR file e moni ma mai Cisco e ala i le faʻamaonia o lana saini:
openssl dgst -sha512 -fa'amaonia cisco_image_verification_key.pub -saini <signature-fileigoa> <tar-file-fileigoa>
Manatua
O lenei poloaiga e galue i Mac ma Linux siosiomaga. Mo Windows, e tatau ona e sii maia ma fa'apipi'i le OpenSSL (e maua ile OpenSSL Downloads site) pe afai e te le'i faia.
Afai o le TAR file e moni, o le fa'atinoina o lenei fa'atonuga e fa'aalia ai se fe'au Fa'amaonia OK. Afai e le mafai ona faʻaalia lenei feʻau, aua le faʻapipiʻi le TAR file ma fa'afeso'ota'i le lagolago a Cisco.

CISCO logo

Pepa / Punaoa

CISCO Amata ile DNA Center ile AWS [pdf] Tusi Taiala
Amata ile DNA Center ile AWS, Amata ile DNA Center ile AWS, DNA Center ile AWS, Center ile AWS

Fa'asinomaga

Fa'amatalaga Fa'atatau

Tuu se faamatalaga

E le fa'asalalauina lau tuatusi imeli. Fa'ailogaina fanua mana'omia *