The Cisco Virtual Network Management Center (Cisco VNMC) is a virtual appliance that provides centralized device and security policy management for Cisco virtual services. Designed to support enterprise and multiple-tenant cloud deployments, the Cisco VNMC provides transparent, seamless, and scalable management for securing virtualized data center and cloud environments.
Cisco VNMC System Requirements
One virtual CPU
25 GB on a shared network file storage (NFS) or a storage area network (SAN) if Cisco VNMC is deployed in a high availability (HA) cluster
One management network interface
x86 Intel or AMD server with 64-bit processor listed in the VMware compatibility matrix
1 We recommend Mozilla Firefox 11.0 with Adobe Flash Player 11.2.
Firewall Ports Requiring Access
Cisco Nexus 1000V Series Switch Requirements
The procedures in this guide assume that the Cisco Nexus 1000V Series switch is up and running, and that endpoint Virtual Machines (VMs) are installed.
Two VLANs configured on the Cisco Nexus 1000V Series switch uplink ports:
Neither VLAN needs to be the system VLAN.
One port profile configured on the Cisco Nexus 1000V Series Switch for the service VLAN.
Information Required for Installation and Configuration
For Deploying the VNMC OVA
Location of files
Storage location, if more than one location is available
Management port profile name for VM management
The management port profile is the same port profile that is used for VSM. The port profile is configured in VSM and is used for the Cisco VNMC management interface.
Gateway IP address
Shared secret password for communications between the Cisco VNMC, Cisco VSG, and VSM.
For Configuring vCenter in VNMC
Hostname or IP address
Shared Secret Password Criteria
A shared secret password is a password that is known only to those using a secure communication. Passwords are designated strong if they cannot be easily guessed for unauthorized access. When you set a shared secret password for communications between the Cisco VNMC, Cisco VSG, and VSM, adhere to the following criteria for setting valid, strong passwords:
Do not include the following items in passwords:
Characters: & ' " ` ( ) < > | \ ; $
Create strong passwords based on the following characteristics:
Table 1 Characteristics of Strong Passwords
Strong passwords have...
Strong passwords do not have...
At least eight characters.
Lowercase letters, uppercase letters, digits, and special characters.
Consecutive characters, such as abcd.
Characters repeated three or more times, such as aaabbb.
A variation of the word Cisco, such as cisco, ocsic, or one that changes the capitalization of letters in the word Cisco.
The username or the username in reverse.
A permutation of characters present in the username or Cisco.
Examples of strong passwords are:
ESXi and ESX Server Requirement
You must set the clock to the correct time on all ESXi and ESX servers that will run Cisco VNMC, ASA 1000V instances, Cisco VSG, or VSM. If you do not set the correct time on the server, the Cisco VNMC CA certificate that is created when the Cisco VNMC VM is deployed might have an invalid time stamp. An invalid time stamp can prevent you from successfully registering ASA 1000V instances to the Cisco VNMC.
After you set the clock to the correct time on all ESXi and ESX servers that run the Cisco VNMC, you can, as an option, set the clock on the Cisco VNMC as follows:
If you set the clock manually, be sure to enter the correct time zone as a Coordinated Universal Time (UTC) offset.
If you set the clock by synchronizing with the Network Time Protocol (NTP), you can select the UTC time zone.
Installing Cisco VNMC
You can deploy the VNMC OVA, resulting in a VNMC VM.
Before You Begin
You must set your keyboard to United States English before installing the Cisco VNMC and using the VM console.
Verify that the VNMC OVA image is available in the vSphere client.
There is no dependency on the VM hardware version, so the VM hardware version can be upgraded if required.
Choose the host on which to deploy the VNMC VM.
From the File menu, choose Deploy OVF Template.
The Deploy OVF Template screen opens.
In the Source screen, choose the VNMC OVA, and then click Next.
Figure 1. Source Screen
The OVF Template Details screen opens.
In the OVF Template Details screen, review the details of the VNMC template, and then click Next.
The End User License Agreement screen opens.
In the End User License Agreement screen, click Accept, and then click Next.
In the Name and Location screen, provide the required information, and then click Next.
The Deployment Configuration screen opens.
In the Deployment Configuration screen, choose VNMC Installer from the Configuration drop-down list, and then click Next.
The Datastore screen opens.
In the Datastore screen, choose the data store for the VM, and then click Next. The storage can be local or shared remote, such as NFS or SAN.
If only one storage location is available for an ESX host, this screen is not displayed and the VM is assigned to the storage location that is available.
Figure 2. Datastore Screen
The Disk Format screen opens.
In the Disk Format screen, click either Thin provisioned format or Thick provisioned format to store the VM virtual disks, then click Next. The default is Thick provisioned format. If you do not want to allocate the storage immediately, use the Thin provisioned format.
You can safely ignore the red text in the window.
The Network Mapping screen opens.
In the Network Mapping screen, choose the management network port profile for the VM, and then click Next.
The Properties screen opens.
In the Properties screen, provide the required information, and address any errors described in the red text messages below the selection box (if needed, you can enter placeholder information as long as your entry meets the field requirements); and then click Next.
You can safely ignore the VNMC Restore fields.
Figure 3. Properties Screen
The Ready to Complete screen opens.
In the Ready to Complete Screen, review the deployment settings, and then click Finish. A progress indicator shows the task progress until VNMC is deployed.
Any discrepancies can cause VM booting issues. Carefully review the IP address, subnet mask, and gateway information.