Citrix Systems 4.2 Server User Manual


 
External Guest Firewall Integration for Cisco VNMC (Optional)
171
14.5.3.4. Creating a Network Offering Using Cisco ASA 1000v
To have Cisco ASA 1000v support for a guest network, create a network offering as follows:
1. Log in to the CloudPlatform UI as a user or admin.
2. From the Select Offering drop-down, choose Network Offering.
3. Click Add Network Offering.
4. In the dialog, make the following choices:
Name: Any desired name for the network offering.
Description: A short description of the offering that can be displayed to users.
Network Rate: Allowed data transfer rate in MB per second.
Traffic Type: The type of network traffic that will be carried on the network.
Guest Type: Choose whether the guest network is isolated or shared.
Persistent: Indicate whether the guest network is persistent or not. The network that you can
provision without having to deploy a VM on it is termed persistent network.
VPC: This option indicate whether the guest network is Virtual Private Cloud-enabled. A Virtual
Private Cloud (VPC) is a private, isolated part of CloudPlatform. A VPC can have its own virtual
network topology that resembles a traditional physical network.
Specify VLAN: (Isolated guest networks only) Indicate whether a VLAN should be specified
when this offering is used.
Supported Services: Use Cisco VNMC as the service provider for Firewall, Source NAT, Port
Forwarding, and Static NAT to create an Isolated guest network offering.
System Offering: Choose the system service offering that you want virtual routers to use in this
network.
Conserve mode: Indicate whether to use conserve mode. In this mode, network resources are
allocated only when the first virtual machine starts in the network.
5. Click OK
The network offering is created.
14.5.3.5. Reusing ASA 1000v Appliance in new Guest Networks
You can reuse an ASA 1000v appliance in a new guest network after the necessary cleanup.
Typically, ASA 1000v is cleaned up when the logical edge firewall is cleaned up in VNMC. If this
cleanup does not happen, you need to reset the appliance to its factory settings for use in new guest
networks. As part of this, enable SSH on the appliance and store the SSH credentials by registering
on VNMC.
1. Open a command line on the ASA appliance:
a. Run the following:
ASA1000V(config)# reload