Overview
Firewall Management Center Virtual offerings support both IPV4 and IPv6 from 7.3 and later. In Azure, you can deploy Firewall Management Center Virtual directly from the Marketplace offering, which creates or uses a virtual network, but currently, a limitation in Azure restricts the Marketplace application offer to use or create only IPv4-based VNet/subnets. Although, you can manually configure the IPv6 addresses to the existing VNet, a new Firewall Management Center Virtual instance cannot be added to the VNet configured with the IPv6 subnets. Azure imposes certain restrictions to deploy any third-party resources using an alternative approach other than deploying resources through Marketplace.
Cisco is currently offering two methods to deploy Firewall Management Center Virtual to support IPv6 addressing.
The following two distinct custom IPv6 templates are offered, where:
-
Custom IPv6 template (ARM template) — It is offered to deploy Firewall Management Center Virtual with IPv6 configuration using an Azure Resource Manager (ARM) template that internally refers to a marketplace image on Azure. This template contains JSON files with resources and parameter definitions that you can configure to deploy IPv6-supported Firewall Management Center Virtual. To use this template, see Deploy from Azure Using Custom IPv6 Template with Marketplace Image Reference.
Programmatic deployment is a process of granting access to the VM images on Azure Marketplace to deploy custom templates through PowerShell, Azure CLI, ARM template, or API. You are restricted to deploy these custom templates on VM without providing access to VMs. If you attempt to deploy such custom templates on VM, then the following error message is displayed:
Legal terms have not been accepted for this item on this subscription. To accept legal terms ….and configure programmatic deployment for the Marketplace item …..
You can use one of the following methods to enable Programmatic deployment in Azure to deploy the custom IPv6 (ARM) template refering to the marketplace image:
-
Azure Portal – Enable programmatic deployment option corresponding to the Firewall Management Center Virtual offering available on Azure Marketplace for deploying the custom IPv6 template (ARM template).
-
Azure CLI – Run the CLI command to enable programmatic deployment for deploying the custom IPv6 (ARM template).
-
-
Custom VHD image and IPv6 template (ARM template) — Create a managed image using the VHD image and ARM template on Azure. This process is similar to deploying Firewall Management Center Virtual by using a VHD and resource template. This template refers to a managed image during deployment and uses an ARM template which you can upload and configure on Azure to deploy IPv6-supported Firewall Management Center Virtual. See, Deploy from Azure Using a VHD and Custom IPv6 Template.
The process involved in deploying Firewall Management Center Virtual using custom IPv6 template (ARM template) in reference to marketplace image or VHD image with custom IPv6 template.
The steps involved in deploying the Firewall Management Center Virtual is as follows:
| Step |
Process |
| 1 |
Create a Linux VM in Azure where you are planning to deploy the IPv6-supported Firewall Management Center Virtual |
| 2 |
Enable Programmatic deployment option on Azure portal or Azure CLI only when you are deploying Firewall Management Center Virtual using the custom IPv6 template with Marketplace image reference. |
| 3 |
Depending on the type of deployment download the following custom templates:
|
| 4 |
Update the IPv6 parameters in the custom IPv6 (ARM) template.
|
| 5 |
Deploy the ARM template through Azure portal or Azure CLI. |