Provides instructions for configuring an NSG in Azure, including adding inbound security rules for controller connectivity and access, specifying rule parameters, and verifying VM connectivity and deployment.
This procedure describes how to configure the NSG in Azure.
For more information about tasks in Azure, see the Azure documentation.
Before you begin
The NSG is a functionally related to firewall policy. When configuring the NSG, it is helpful to be aware of firewall port configuration in Cisco Catalyst SD-WAN. For more information on firewall ports, see Firewall Ports for Cisco SD-WAN Deployments.
Follow the steps to configure the NSG.
Procedure
| 1. | Using the Azure portal, add inbound security rules to the NSG created in an earlier task. This allows inbound traffic from the IP ranges for:
For the NSG, use the option to add inbound security rules. These rules must allow all the controller VM IP addresses, to enable the required connectivity between the SD-WAN Control Components. When creating a new inbound security rule, ensure that you complete the following actions:
|
|
| 2. | To verify connectivity, log in to the VM using the primary network interface with the public IP of SD-WAN Manager. |
What to do next
Verify the deployment of SD-WAN Control Components in Azure.