{"id":45,"date":"2016-07-25T14:51:37","date_gmt":"2016-07-25T14:51:37","guid":{"rendered":"http:\/\/blog.purplescreen.fr\/?p=45"},"modified":"2016-10-14T13:44:26","modified_gmt":"2016-10-14T11:44:26","slug":"ouverture-de-ports-asa-pour-vdp","status":"publish","type":"post","link":"https:\/\/blog.purplescreen.fr\/?p=45","title":{"rendered":"Ouverture de ports avec Cisco ASA Virtuel pour VDP"},"content":{"rendered":"

Introduction<\/h4>\n

Ce LAB a pour but d’apprendre \u00e0 configurer un Cisco ASA (Version 9.3) en ouvrant le minimum de ports entre le vCenter, ESXi et VDP pour un maximum de s\u00e9curit\u00e9.<\/p>\n

Pour rappel, VDP est une appliance VMware qui permet d’effectuer les sauvegardes de vos VMs ou Appliances. Pour plus d’information, vous pouvez vous reporter \u00e0 la documentation VMware (http:\/\/www.vmware.com\/fr\/support\/support-resources\/pubs\/vdr_pubs.html<\/a>).<\/p>\n

Configuration<\/h4>\n

Pour effectuer ce LAB, j’ai utilis\u00e9 un Cisco ASAv (Version 9.3)\u00a0qui me permet de faire les ACLs entre les VMs. Le r\u00e9seau 10.10.10.0\/24 est mon r\u00e9seau de management et le r\u00e9seau 40.40.40.0\/24 mon r\u00e9seau de Backup. Je suis sur une infrastructure vSph\u00e8re 5.5 et VDP 5.8<\/p>\n

j’ai cr\u00e9\u00e9 un VLAN pour chaque sous r\u00e9seau.
\n\"DVS_ASAv_VDP\"<\/a><\/p>\n

 <\/p>\n

\u00a0<\/strong><\/span><\/p>\n

Esxi :<\/span> 10.10.10.10\/24<\/p>\n

vCenter\u00a0:<\/span>\u00a010.10.10.15\/24<\/p>\n

VDP\u00a0:<\/span>\u00a040.40.40.11\/24<\/p>\n

 <\/p>\n

D\u00e9tails des ports \u00e0\u00a0ouvrir<\/h4>\n
https:\/\/kb.vmware.com\/selfservice\/microsites\/search.do?language=en_US&cmd=displayKC&externalId=2034929<\/a><\/pre>\n
Configuration pour ASAv<\/h4>\n
access-list ACLBackup extended permit tcp host 40.40.40.11 host 10.10.10.10 eq 902\r\naccess-list ACLBackup extended permit tcp host 40.40.40.11 host 10.10.10.15 eq www\r\naccess-list ACLBackup extended permit tcp host 40.40.40.11 host 10.10.10.15 eq 7444\r\naccess-list ACLBackup extended permit tcp host 40.40.40.11 host 10.10.10.15 eq https\r\naccess-list ACLBackup extended permit udp host 40.40.40.11 host 10.10.10.35 eq domain\r\naccess-list ACLBackup extended permit udp host 40.40.40.11 host 10.10.10.10 eq sunrpc\r\naccess-list ACLBackup extended permit tcp host 40.40.40.11 host 10.10.10.10 eq sunrpc\r\naccess-list ACLManagement extended permit tcp host 10.10.10.15 host 40.40.40.11 eq www\r\naccess-list ACLManagement extended permit tcp host 10.10.10.15 host 40.40.40.11 eq 8543\r\naccess-list ACLManagement extended permit tcp host 10.10.10.15 host 40.40.40.11 eq 8580\r\naccess-list ACLManagement extended permit tcp host 10.10.10.15 host 40.40.40.11 eq 9443\r\naccess-list ACLManagement extended permit tcp host 10.10.10.35 host 40.40.40.11 eq ssh\r\naccess-list ACLManagement extended permit tcp host 10.10.10.15 host 40.40.40.11 eq ssh<\/code>\r\naccess-group ACLBackup in interface Backup\r\naccess-group ACLManagement in interface Management\r\n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"
Introduction Ce LAB a pour but d’apprendre \u00e0 configurer un Cisco ASA (Version 9.3) en ouvrant le minimum de ports entre le vCenter, ESXi et VDP pour un maximum de s\u00e9curit\u00e9. Pour rappel, VDP est une appliance VMware qui permet d’effectuer les sauvegardes de vos VMs ou Appliances. Pour plus d’information, vous pouvez vous reporter…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,14],"tags":[28,29,30],"yoast_head":"\nOuverture de ports avec Cisco ASA Virtuel pour VDP - PurpleScreen<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/blog.purplescreen.fr\/?p=45\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ogosselin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"http:\/\/blog.purplescreen.fr\/?p=45\",\"url\":\"http:\/\/blog.purplescreen.fr\/?p=45\",\"name\":\"Ouverture de ports avec Cisco ASA Virtuel pour VDP - PurpleScreen\",\"isPartOf\":{\"@id\":\"http:\/\/blog.purplescreen.fr\/#website\"},\"datePublished\":\"2016-07-25T14:51:37+00:00\",\"dateModified\":\"2016-10-14T11:44:26+00:00\",\"author\":{\"@id\":\"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/ad63980c08d122ffe9115ade81b21fd3\"},\"breadcrumb\":{\"@id\":\"http:\/\/blog.purplescreen.fr\/?p=45#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/blog.purplescreen.fr\/?p=45\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/blog.purplescreen.fr\/?p=45#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/blog.purplescreen.fr\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Ouverture de ports avec Cisco ASA Virtuel pour VDP\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/blog.purplescreen.fr\/#website\",\"url\":\"http:\/\/blog.purplescreen.fr\/\",\"name\":\"PurpleScreen\",\"description\":\"by Olivier Gosselin\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/blog.purplescreen.fr\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/ad63980c08d122ffe9115ade81b21fd3\",\"name\":\"ogosselin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6a053a3dca3cccbeecd37d492189f38f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6a053a3dca3cccbeecd37d492189f38f?s=96&d=mm&r=g\",\"caption\":\"ogosselin\"},\"sameAs\":[\"https:\/\/www.linkedin.com\/in\/olivier-gosselin-30090498\/\"],\"url\":\"https:\/\/blog.purplescreen.fr\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Ouverture de ports avec Cisco ASA Virtuel pour VDP - PurpleScreen","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/blog.purplescreen.fr\/?p=45","twitter_misc":{"Written by":"ogosselin","Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"http:\/\/blog.purplescreen.fr\/?p=45","url":"http:\/\/blog.purplescreen.fr\/?p=45","name":"Ouverture de ports avec Cisco ASA Virtuel pour VDP - PurpleScreen","isPartOf":{"@id":"http:\/\/blog.purplescreen.fr\/#website"},"datePublished":"2016-07-25T14:51:37+00:00","dateModified":"2016-10-14T11:44:26+00:00","author":{"@id":"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/ad63980c08d122ffe9115ade81b21fd3"},"breadcrumb":{"@id":"http:\/\/blog.purplescreen.fr\/?p=45#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/blog.purplescreen.fr\/?p=45"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/blog.purplescreen.fr\/?p=45#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/blog.purplescreen.fr\/"},{"@type":"ListItem","position":2,"name":"Ouverture de ports avec Cisco ASA Virtuel pour VDP"}]},{"@type":"WebSite","@id":"http:\/\/blog.purplescreen.fr\/#website","url":"http:\/\/blog.purplescreen.fr\/","name":"PurpleScreen","description":"by Olivier Gosselin","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/blog.purplescreen.fr\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/ad63980c08d122ffe9115ade81b21fd3","name":"ogosselin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/blog.purplescreen.fr\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6a053a3dca3cccbeecd37d492189f38f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6a053a3dca3cccbeecd37d492189f38f?s=96&d=mm&r=g","caption":"ogosselin"},"sameAs":["https:\/\/www.linkedin.com\/in\/olivier-gosselin-30090498\/"],"url":"https:\/\/blog.purplescreen.fr\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/posts\/45"}],"collection":[{"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=45"}],"version-history":[{"count":66,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/posts\/45\/revisions"}],"predecessor-version":[{"id":499,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=\/wp\/v2\/posts\/45\/revisions\/499"}],"wp:attachment":[{"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=45"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=45"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.purplescreen.fr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=45"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}