Physical Firewall—Connect the firewall’s out-of-band
management port to one leaf switch port and connect at least one
firewall data interface to the switch. Firewall interfaces on a
physical firewall are configured with VLANs to ensure connectivity
to the correct networks. Deploy the firewall according to the platform-specific installation guide.
VM-Series Firewall—When configuring the virtual hardware
for the VM-Series firewall, set the port-group for the management
interface. Each VM-Series firewall connected to the network requires
its own virtual NIC. Deploy the VM-Series
firewall based on your hypervisor.
Configure the management IP address on each firewall
Establish Cisco ACI fabric and management connectivity.
As part of this configuration, create a physical domain
and VLAN namespace. Ensure that data interfaces of any physical
firewalls are part of the physical domain.
Create a Cisco ACI VMM domain profile.
If you are using virtual machines or the VM-Series firewall,
create a virtual machine monitor (VMM) domain profile for the VMware
vSphere environment. The VMM domain specifies the connectivity policy
between vSphere and the ACI fabric.