Information About Installing the Cisco PNSC and the Cisco VSG
This chapter describes how to install and set up a basic working configuration of the Cisco PNSC and Cisco VSG. The example in this chapter uses the OVF template method to install the OVA files of the software. The steps assume that the Cisco Nexus 1000V Series switch is operational, and endpoint VMs are already installed.
Cisco VSG and Cisco PNSC Installation Planning Checklists
Planning the arrangement and architecture of your network and equipment is essential for a successful operation of the Cisco PNSC and Cisco VSG.
Basic Hardware and Software Requirements
The following table lists the basic hardware and software requirements for Cisco VSG and Cisco PNSC installation.
The Cisco VSG software is available for download at http://www.cisco.com/en/US/products/ps13095/index.html and the Cisco PNSC software is available for download at http://www.cisco.com/en/US/products/ps13213/index.html.
Requirement | Description | ||||
---|---|---|---|---|---|
Two Virtual CPUs |
1.5 GHz for each Virtual CPU |
||||
Memory |
4 GB RAM for the Cisco VSG and 4 GB RAM for the Cisco PNSC or 8 GB for both |
||||
Disk Space |
One of the following, depending on InterCloud functionality:
|
||||
Processor |
x86 Intel or AMD server with a 64-bit processor listed in the VMware compatibility matrix.
|
||||
VMware vSphere |
ESXi 5.0 or 5.1 |
||||
VMware vCenter |
Release 5.1 (5.0 vCenter supports host version upto 5.0) |
||||
Intel Virtualization Technology (VT) |
Enabled in the BIOS |
||||
Browser |
Any of the following browsers:
|
||||
Ports |
Access to the Cisco PNSC application using a web browser and the following ports (if the deployment uses a firewall, make sure to permit the following ports):
|
||||
Flash Player |
Adobe Flash Player plugin 11.2 or higher |
License Requirements
Cisco VSG license is integrated with the Nexus1000V Multi-Hypervisor License. You need to install the Nexus1000V Multi-Hypervisor License for Cisco VSG for VMware vSphere. The Cisco N1kv VSM is available in two modes: essential and advanced. VSG functionality is available only in the advanced mode. You need to install the Nexus1000V Multi-Hypervisor License and change the VSM mode to advanced mode. When the Nexus1000V Multi-Hypervisor License is installed, the license for Cisco VSG is automatically included.
- Default: The Nexus 1000v
switch may be configured in Essential or Advanced mode.
- Essential Mode: Not Supported.
- Advanced Mode: After upgrading the software, Nexus1000V Multi-Hypervisor License is available with 1024 Socket Count and expires in 60 days.
Note
You must install either the evaluation or the permanent (NEXUS1000V_LAN_SERVICES_PKG) license prior to upgrading to the latest software.
- Evaluation: The Nexus 1000V switch should be in Advanced mode. After upgrading the software, Nexus1000V Multi-Hypervisor License is available with1024 Socket Count and expires in 60 days.
- Permanent: The Nexus 1000V switch should be in Advanced mode. After upgrading the software, Nexus1000V Multi-Hypervisor License is available with 1024 Socket Count and expires in 60 days.
Note |
You have to request for an evaluation or permanent Nexus1000V Multi-Hypervisor License. |
For more information about the Cisco Nexus 1000V for VMware vSphere licenses, see the Cisco Nexus 1000V for VMware vSphere License Configuration Guide.
VLAN Configuration Requirements
Follow these VLAN requirements to prepare the Cisco Nexus 1000V Series switch for further installation processes:
-
You must have two VLANs that are configured on the Cisco Nexus 1000V Series switch uplink ports: the service VLAN and an HA VLAN (the VLAN does not need to be the system VLAN).
-
You must have two port profiles that are configured on the Cisco Nexus 1000V Series switch: one port profile for the service VLAN and one port profile for the HA VLAN (you will be configuring the Cisco VSG IP address on the Cisco VSG so that the Cisco Nexus 1000V Series switch can communicate with it)
Required Cisco PNSC and Cisco VSG Information
The following information can be used later during the Cisco PNSC and Cisco VSG installation.
Type | Your Information | ||
---|---|---|---|
Cisco VSG name—Unique within the inventory folder and up to 80 characters |
|||
Hostname—Where the Cisco VSG will be installed in the inventory folder |
|||
Datastore name—Where the VM files will be stored |
|||
Cisco VSG management IP address |
|||
VSM management IP address |
|||
Cisco PNSC instance IP address |
|||
Mode for installing the Cisco VSG |
|
||
Cisco VSG VLAN number
|
|||
Cisco VSG port profile name
|
|||
HA pair ID (HA domain ID) |
|||
NSC DNS IP address |
|||
NSC NTP IP address |
|||
Cisco VSG admin password |
|||
Cisco PNSC admin password |
|||
Cisco VSM admin password |
|||
Shared secret password (Cisco PNSC, Cisco VSG policy agent, Cisco VSM policy agent) |
Tasks and Prerequisites Checklist
Tasks |
Prerequisites | ||||
---|---|---|---|---|---|
Task 1: Installing the Cisco PNSC from an OVA Template |
|
||||
Task 2: On the Cisco PNSC, Setting Up VM-Mgr for vCenter Connectivity |
|
||||
Task 3: On the VSM, Configuring the Cisco PNSC Policy Agent |
|
||||
Task 4: On the VSM, Preparing Cisco VSG Port Profiles |
|
||||
Task 5: Installing the Cisco VSG from an OVA Template |
|
||||
Task 6: On the Cisco VSG and Cisco PNSC, Verifying the NSC Policy-Agent Status | — | ||||
Task 7: On the Cisco PNSC, Configuring a Tenant and Security Profile |
|
||||
Task 8: On the Cisco PNSC, Importing Service Image | — | ||||
Task 10: On the Cisco PNSC, Configuring a Permit-All Rule | — | ||||
Task 11: On the Cisco VSG, Verifying the Permit-All Rule | — | ||||
Task 12: Enabling Logging | — | ||||
Task 13: Enabling the Traffic VM Port-Profile for Firewall Protection and Verifying the Communication Between the VSM, VEM, and VSG |
|
||||
Task 14: Sending Traffic Flow and on the Cisco VSG Verifying Statistics and Logs | — |
Host Requirements
-
ESXi platform that runs VMware software release 5.5, 6.0, and 6.5a with a minimum of 4 GB physical RAM for the Cisco VSG and 4 GB physical RAM for the Cisco PNSC.
-
1 processor
-
Four Virtual CPUs with speed of 1.5 GHz for each virtual CPU
Obtaining the Cisco PNSC and the Cisco VSG Software
The Cisco VSG software is available for download at the following URL:
http://www.cisco.com/en/US/products/ps13095/index.htmlThe Cisco PNSC software is available for download at the following URL:
http://www.cisco.com/en/US/products/ps13213/index.html