vManage firewall rules

JW_UK
Level 1

Hi there,

 

On the link below, under the “Administrative Ports Used by vManage NMS” section, it mentions 'incoming' traffic:

 

https://sdwan-docs.cisco.com/Product_Documentation/Getting_Started/Viptela_Overlay_Network_Bringup/01Bringup_Sequence_of_Events/Firewall_Ports_for_Viptela_Deployments

 

FW rules.JPG

 

Can anyone confirm if this traffic flow is initiated by vManage towards the SD-WAN router, in other words internet (untrusted) to internal network (private)?

 

Thanks!

2 Accepted Solutions

daniel.dib
Level 7

Incoming means that it's traffic coming in to vManage. You need HTTPS to reach the GUI for management. SSH is so you can use the vManage CLI and so on.

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

TusharGaba0848
Level 1
Basically, incoming would be to-the-box traffic to vManage. Now, depending on where your vManage is and who is trying to make a connection to it, and depending on where the firewall is in the transit, create rules accordingly. In security verbiage, “to the box” traffic should explain it.

Thanks both, that makes sense. I was worried it was incoming to the SD-WAN router and not vManage.