Configure the VLAN pool that will be used
to allocate VLANs to the firewall when you attach interfaces to
the ACI infrastructure for EPGs. The firewall’s VLAN pull should
have a static VLAN range.
Configure a dedicated domain for
the firewall. A domain for the firewall is required to map the VLANs
to the EPGs. Create a physical domain for a physical firewall and
create a VMM domain for a VM-Series firewall.
Create a VLAN pool.
Log in to your APIC.
Select
Fabric
Access Policies
Pools
VLAN
.
Right-click
VLAN
and select
Create
VLAN Pool
.
Enter a descriptive
Name
for
your VLAN pool.
Select
Dynamic Allocation
for
Allocation Mode.
Click the plus (+) button to the right of
Encap
Blocks
.
Enter your VLAN range in the
VLAN Range
field.
Select
Static Allocation
form
the Allocation Mode drop-down.
Click
OK
.
Click
Submit
.
(
Physical firewall only
) Create a physical
domain.
Select
Fabric
Access Policies
Physical and External
Domains
Physical Domains
.
Right-click
Physical Domain
and
select
Create Physical Domain
.
Enter a descriptive
Name
for
your physical domain.
Select the VLAN pool you created in the previous procedure
from the VLAN Pool list.
Click
Submit
.
(
VM-Series firewall only
) Create a VMM
domain.
Select
Virtual Networking
VMM Domains
VMware
.
Right-click
VMware
and select
Create
vCenter Domain
.
Enter a descriptive
Name
for
your VMM domain.
Select
VMware vSphere Distributed Switch
from
the
Virtual Switch
drop-down.
Select
VLAN
from the
Encapsulation
drop-down.
Select your VLAN pool from the
VLAN Pool
drop-down.
Click the plus (+) button to the right of
vCenter
Credentials
.
Enter a descriptive
Profile Name
and
your vCenter login information.
Click the plus (+) button to the right of
vCenter
.
Enter a descriptive
Name
.
Select vCenter from the Type drop-down.
Enter your vCenter IP address under
IP/Hostname
.
Select the vCenter Credentials profile you just created
from the
