《使用 AWS 部署思科 Catalyst 无线即基础设施即服务 (IaaS).pdf》由会员分享,可在线阅读,更多相关《使用 AWS 部署思科 Catalyst 无线即基础设施即服务 (IaaS).pdf(73页珍藏版)》请在三个皮匠报告上搜索。
1、#CiscoLive#CiscoLiveBingjun Wang Technical Marketing EngineerBRKEWNBRKEWN-11041104as an Infrastructure as a Service(IaaS)with AWSas an Infrastructure as a Service(IaaS)with AWSDeploy Cisco Catalyst Deploy Cisco Catalyst WirelessWireless 2023 Cisco and/or its affiliates.All rights reserved.Cisco Publ
2、ic#CiscoLiveAbout Myself3BRKEWN-1104Bingjun WangUndergraduate Study:University of Massachusetts Amherst(BS Major EE)Graduate Study:University of Southern California(MS Major EE)Comes from China,Came to US since 2013,joined Cisco Since 2020.TigerComet 2023 Cisco and/or its affiliates.All rights reser
3、ved.Cisco Public#CiscoLiveEnter your personal notes hereCisco Webex App 4Questions?Use Cisco Webex App to chat with the speaker after the sessionFind this session in the Cisco Live Mobile AppClick“Join the Discussion”Install the Webex App or go directly to the Webex spaceEnter messages/questions in
4、the Webex spaceHowWebex spaces will be moderated by the speaker until June 9,2023.12344https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicBRKEWN-1104Agenda 2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicIntroduction of Cisco Catalyst 9800 WLCHow to Deploy Cisc
5、o Wireless IaaS on AWSCommon Issue while deployingDemoBRKEWN-11045 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDistributed branch and small campusMedium campusLarge campusCisco Catalyst 9800 embedded wireless1200 APs,4000 clientsCisco Catalyst 9800-L250 APs,5000 client
6、s,5 GbpsCisco Catalyst APs,32,000 clients,40 GbpsCisco Catalyst 9800-80 6000 APs,64,000 clients80 Gbps1 SD-Access only.2 Requires Performance License3 Cisco Catalyst 9800-CL for public cloud:Cisco FlexConnect onlyUp to 250 APsUp to 1000 APsUp to 2000 APsUp to 6000 APsUp to 200 APsCisco C
7、atalyst 9800-CL31000,3000,or 6000 APs10,000,32,000,or 64,000 clientsCisco Catalyst 9800-L2500 APs,10000 clients,9 GbpsENCSNext-Generation Wireless Infrastructure for Any ScaleBRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive7BRKEWN-1104Industrys best&broadest Wi
8、-Fi 6/6E portfolio91159105I/W91369166CleanAir ProPro91649162CleanAir ProPro9RFRF-ASICASICRFRF-ASICASICCleanAir ProProManagement mode can be changedRFRF-ASICASICCleanAir ProPro 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveWhy Flex Deployment on AWS?Central Con
9、trol|Distributed Data(802.1802.1Q Q)AWSCisco DNA Center and 9800-CLWLCAccessCAPWAP dataDistributed SSIDAccess switchFlex mode APWANL2 TRUNKCAPWAP ControlSimplicity to Deploy and Reduced HardwareSimplicity to Deploy and Reduced HardwareBRKEWN-11048Single point of failure/management on multiple Single
10、 point of failure/management on multiple branchesbranchesFailure Survivability in Branch OfficesFailure Survivability in Branch Offices 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConnecting APs to C9800 on AWSAWS CloudC9800-CLCAPWAP(Control)Corporate Branch/Remote Wor
11、kerFlex APWLC Public IP AddressVPN GatewayCorporate Network Customer GatewayFlex APsSite-to-Site VPN Tunnel/SDWANCAPWAP(Control)BRKEWN-11049 2023 Cisco and/or its affiliates.All rights reserved.Cisco ConfidentialCisco DNA Center on CloudVirtual appliancehosted on AWS CloudNo cost for software(AWS ch
12、arges apply)Optional support can be purchased for each VA instance(US$5,000)Quicker time to valueAWS platform native high availabilityCPU:32vCPUMem:256GBStorage:4TBIOPS Bandwidth:180MBps(bi-directional)IOPS:2000-2500Features are same as physical appliancesFeatures are same as physical appliancesAuto
13、mation,Assurance,System,SPA,SDA and integrationsScale parity with 2.3.5.x release DN2-HW-APL(44 core appliance):25K End points5K Devices1500 sites Get DNAC on AWS Cloud todayVA specificationsFeatures and scale 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco DNA Cente
14、r Support for WLC on AWS11BRKEWN-1104Cisco DNA CenterCisco DNA CenterAWS WLCAWS WLCDNA AutomationAPAPAP ConfigurationsAP&Client DataAP&Client DataCisco DNA Center Automation and Assurance support on AWS WLC 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco Wireless Sta
15、ck on AWS12BRKEWN-1104Cisco DNA CenterCisco ISECisco Space ConnectorCisco Catalyst C9800 WLC 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveRadius Server VPCCisco ISE Transit GatewayTG Route TableEgress VPCC9800 IaaS AWS TopologyTransit Gateway AttachmentInternet Gateway
16、AttachmentInternet AccessCisco Spaces Connector Cisco Spaces VPCCisco DNA Center Cisco DNA Center VPCC8000v/vMXNetwork Service VPCBRKEWN-110413C9800-CLC9800-CLController VPCHow to Deploy?2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveThings We needSecurityNetworkConnectio
17、nVMAWS DeploymentVPCSubnetRouting TableTransit GatewayInternet GatewayNAT GatewayNetwork ACLSecurity GroupKey PairCisco DNA CenterCisco Wireless LAN ControllerCisco ISECisco Spaces ConnectervMX(optional)AWS Site-to-Site VPNSD-WAN SolutionBRKEWN-110415 2023 Cisco and/or its affiliates.All rights rese
18、rved.Cisco Public#CiscoLivePrivate Subnet vs Public SubnetPrivate SubnetPublic SubnetA Private subnet is a subnet that is associated with a Route Table that has does not have does not have a route to an Internet GatewayInternet GatewayA public subnet is a subnet that is associated with a Route Table
19、 that hashas a route to an Internet Internet GatewayGatewayVPCController VPCElastic IPVM in Private Subnets cannot be accessed by public internet VM in Public Subnets can be accessed by public internet Private IPBRKEWN-110416 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiv
20、e17VPC and Subnets(Private/Public)BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveVPC and Subnets(Private/Public)18BRKEWN-1104For Public Subnets Only 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveNetwork Service VPCRadius Server VPC
21、Egress VPCController VPCCisco Spaces VPCCisco DNA Center VPCNow we have theseBRKEWN-110419 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCommunication between VPCsVPC1VPC2Traditional Way:VPC PeeringVPC Peering or VPN connectionVPN connectionVPC1VPC2VPC PeeringVPC Peering
22、VPN ConnectionsVPN ConnectionsVPC1VPC2VPC3VPC4VPC5VPC6VPC7VPC nWhat if you have these?BRKEWN-110420 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTransit Gateway Simplify Peer Communications21BRKEWN-1104Transit Gateway(TGW)VPC-to-VPC communication at scaleHub and Spoke t
23、opology-all VPC traffic sent to TGWEasy to manage route tablesTransit GatewayTG Route TableTransit Gateway(TGW)Transit Gateway attachments can be attached with VPCsYou can choose subnets that you would want to includeVPC1VPC2VPC3VPC4VPC5 2023 Cisco and/or its affiliates.All rights reserved.Cisco Pub
24、lic#CiscoLiveAdd a Transit Gateway and a Transit Gateway Attachment22BRKEWN-1104Add this for DNS on attached VPCsAdd this for VPN Load BalancingAssociate the TGA with default Route table 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAdd a Transit Gateway and a Transit Ga
25、teway Attachment23BRKEWN-1104NameWhich Transit Gateway does it belongs toWhat type of service you would like to attach toWhich VPC does it attach toWhich subnet does it associated with 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConfigure the Route Table on VPC24BRKEWN
26、-1104A Default(Main)Route Table will be created with the creation of VPCFor Subnets doesnt have a explicate association will use the main route tableFor Custom Route Table make sure you add the subnet in the Explicit subnet associations.2023 Cisco and/or its affiliates.All rights reserved.Cisco Publ
27、ic#CiscoLiveConfigure the Route Table on VPC25BRKEWN-1104For all the internal traffic within the VPC,Route it locallyFor all other traffic,go to the Transit GatewayFor Public Subnets,default route will be going into Internet Gateway,branch traffic and traffic to other VPC,go to Transit Gateway 2023
28、Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConfigure the NAT in Egress VPC without FW26BRKEWN-1104Transit GatewayTG Route TableEgress VPCCIDRCIDRDestinationDestination0.0.0.0/0NAT GatewayCIDR CIDR DestinationDestination0.0.0.0/0Internet Gateway10.0.0.0/8Transit GatewayCIDR
29、CIDRDestinationDestination0.0.0.0/0Egress VPC Attachment.2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConfigure the NAT in Egress VPC with FW27BRKEWN-1104Transit GatewayTG Route TableEgress VPCCIDRCIDRDestinationDestination0.0.0.0/0Internet Gateway10.0.0.0/8FirewallCIDR
30、CIDRDestinationDestination0.0.0.0/0Nat Gateway10.0.0.0/8Transit GatewayCIDRCIDRDestinationDestination0.0.0.0/0FirewallCIDRCIDRDestinationDestination0.0.0.0/0Egress VPC Attachment.2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAdd a NAT Gateway on AWS Console28BRKEWN-1104P
31、ut the NAT Gateway in the Public Subnet Type should be Public in this case 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSD-WAN VPCRadius Server VPCTransit GatewayTG Route TableEgress VPCController VPCCisco Spaces VPCCisco DNA Center VPCBRKEWN-110429 2023 Cisco and/or it
32、s affiliates.All rights reserved.Cisco Public#CiscoLiveSecurity Group vs Network ACL30BRKEWN-1104Security GroupNetwork ACLTied to a VM instanceStateful BehaviorAllow Rules Only,Apply all rulesOne Instance can have multiple Security GroupsTied to a SubnetStateless BehaviorAllow Rules and Deny Rules,A
33、pply in OrderOne Subnet can only have one Network ACL 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveAdd Security Groups and Network ACLs31BRKEWN-1104It is recommended to follow the vender It is recommended to follow the vender advice that only give the access that the ad
34、vice that only give the access that the VM or service are neededVM or service are needed 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLivePorts needed for Cisco Wireless Stack32BRKEWN-1104Protocol and PortsProtocol and PortsPurposePurposeUDP 5246-5248CAPWAPTCP 22SSH,SCPTCP
35、21FTPICMPPingUDP 161,162SNMP/SNMP TrapsTCP 443/80HTTPs/HTTPTCP/UDP 49TACACS+UDP 53DNS ServerUDP 1812,1813,1645,1646RadiusUDP 123NTPUDP 514SyslogController PortsISE Portshttps:/ Portshttps:/ Spaces Connector Portshttps:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCreat
36、e Key Pair for SSH connection33BRKEWN-1104bingjun%cd downloadsbingjun downloads%chmod 400.pembingjun downloads%ssh-i”.pem UsernameKey will be downloaded automatically after creation 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive34BRKEWN-1104Connecting to On Prem Networks
37、VPN can be deployed using:AWS Site-to-Site VPN Builds site-to-site VPN tunnel to on-prem router Either manual configuration or automation via 3rdparty tools(ex.Ansible,etc.)Vendor agnosticCisco SD-WAN Solutions(Recommended)Use either:C8000v-Cisco SD-WANMeraki vMX Meraki AutoVPNAutomatically configur
38、e VPN tunnels from AWS to On-Prem networksPush corporate security/access policies to the cloud 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBranch Network Communication(SD-WAN)35BRKEWN-1104vMXSD-WAN VPCTransit GatewayTG Route TableBranch NetworkMX 95Remote workerMX 68Fl
39、ex APsFlex APCIDRCIDRDestinationDestination0.0.0.0/0Transit Gateway10.0.0.0/8vMX-eniLocal VPC CIDRLocalAWS Whole CIDRsTransit Gateway(My AWS CIDR is with in 10.0.0.0/8)2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBranch Network Communication(SD-WAN)36BRKEWN-1104 2023 Ci
40、sco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveTransit Gateway Route Table37BRKEWN-1104Egress VPC AttachmentSD-WAN VPC Attachment 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDeploy with Partner Solution/CloudFormation38BRKEWN-1104CloudFormationPart
41、ner Solution 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDeploying Cisco Catalyst 9800 WLCDeployment Options1.Manual EC2 Instance deployment2.CloudFormation Template 3.Partner Solution(Coming Soon)Networking Best PracticesNot requires Site-to-Site VPN connectionIf APs
42、join WLC via Public IP:Authorize APs against MAC address or Serial NumberGive C9800-CL VPC a dedicated IGWEC2 and CloudFormation Deployment Guide:https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveC9800 on AWS with CloudFormation40BRKEWN-1104Give a HostnameChoose the
43、Key-Pair we have createdChoose a SubnetChoose the Security Group for C9800Give a management IP in the Subnet(recommended),or DHCP from AWS if leave in defaultUsername for admin WebUI and CLI loginPassword for admin WebUI and CLI loginCustomize the size if needed 2023 Cisco and/or its affiliates.All
44、rights reserved.Cisco Public#CiscoLiveDay-0 Configuration41BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDay-0 Configuration42BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveDay-0 Configuration43BRKEWN-1104 2023 Cisco an
45、d/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEC2 Serial Connect44BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConfigure NAT on WMI45BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveConfigure SNMP 46BRKEW
46、N-1104DNAC on-board pre-requestSSH enabledCLI credentialsNetconf enabled and define the portSNMP enabled and configure community strings 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUpgrading Cloud Controller47BRKEWN-1104Select downloaded.bin fileStart the downloadSelec
47、t if you want to do it one shot 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveEverything Needed for Cisco DNA Center on AWS:https:/ Guide:https:/ Cisco DNA Center on AWS48BRKEWN-1104Deployment Options1.Launchpad VA App DNAC and AWS infra2.CloudFormation Template DNAC onl
48、yNetworking Best PracticesRequires Site-to-Site VPN connectionDo not allow access via Public IP 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco DNA Center on AWS with CloudFormation49BRKEWN-1104 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoL
49、iveCisco DNA Center on AWS with CloudFormation50BRKEWN-1104Management IPSubnet Mask on the aws subnetGateway Address(.1)of your aws subnetDNS Server AddressDNAC password(username default maglev)DNAC FQDNHTTPs proxy settings(optional)2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#C
50、iscoLiveDeploying Cisco ISEDeployment Options1.Manual EC2 Instance deployment2.CloudFormation Template3.Partner SolutionNetworking Best PracticesRequires Site-to-Site VPN connectionDo not allow access via Public IPEC2 and CloudFormation:https:/ Solution:https:/ 2023 Cisco and/or its affiliates.All r
51、ights reserved.Cisco Public#CiscoLiveDeploying Cisco Spaces ConnectorDeployment Options1.Manual EC2 Instance deploymentNetworking Best PracticesRequires Site-to-Site VPN connectionDo not allow access via Public IPNote:Only Cisco Spaces Connector Version 2.X is supported.EC2 Configuration Guide:https
52、:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveRecommended IaaS Deployment Software VersionsCisco DNA Center on AWSCisco DNA Center on AWSCisco Identity Services EngineCisco Identity Services EngineCisco Spaces ConnectorCisco Spaces ConnectorCatalyst 9800Catalyst 9800-
53、CL Public CL Public CloudCloud2.3.5.xISE 3.1 Patch 52.3.50717.9.3Note:Each service will be able to be upgraded/patched if needed.Refer here for all compatible releases:https:/ 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveRadius Server VPCCisco ISE Transit GatewayTG Rout
54、e TableEgress VPCC9800 IaaS AWS TopologyTransit Gateway AttachmentInternet Gateway AttachmentInternet AccessCisco Spaces Connector Cisco Spaces VPCCisco DNA Center Cisco DNA Center VPCC8000v/vMXNetwork Service VPCBRKEWN-110454C9800-CLC9800-CLController VPCCommon Issue in Deployment 2023 Cisco and/or
55、 its affiliates.All rights reserved.Cisco Public#CiscoLiveScenario 1I have a public IP address on my controller but not able to access it from out-side!BRKEWN-110456 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveScenario 1BRKEWN-110457I have a public IP address on my con
56、troller but not able to access it from out-side!2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveScenario 258BRKEWN-1104I have a Transit gateway and a Transit gateway attachment on my VPC,but I am seeing some of the subnets in the VPC is not able to communicate with other V
57、PC.I have checked the routing table,Security Groups,Network ACLs.They looks good.Check if the Subnet is associated with the VPC AttachmentDemo 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveSSID ConnectionSSID NAME:BRKEWN-1104SSID PSK:C1sc0dnaController IP:10.220.3.5 2023
58、 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveFill out your session surveys!Attendees who fill out a minimum of four session surveys and the overall event survey will get Cisco Live-branded socks(while supplies last)!61BRKEWN-1104These points help you get on the leaderboard
59、and increase your chances of winning daily and grand prizesAttendees will also earn 100 points in the Cisco Live Challenge for every survey completed.2023 Cisco and/or its affiliates.All rights reserved.Cisco PublicContinue your educationVisit the Cisco Showcase for related demosBook your one-on-one
60、Meet the Engineer meetingAttend the interactive education with DevNet,Capture the Flag,and Walk-in LabsVisit the On-Demand Library for more sessions at www.CiscoL you#CiscoLive 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive64Gamify your Cisco Live experience!Get points G
61、et points for attending this session!for attending this session!Open the Cisco Events App.Click on Cisco Live Challenge in the side menu.Click on View Your Badges at the top.Click the+at the bottom of the screen and scan the QR code:How:123464 2023 Cisco and/or its affiliates.All rights reserved.Cis
62、co PublicBRKEWN-1104Appendix 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLive1 AP,2 Ways:CW916x Access Points66PSOEWN-1790Catalyst 9162TxRx2.4 GHz225 GHz226 GHz222.5Gbps mGig Uplink PoE+and UPoE compliant IoT Radio CleanAir Pro Radio2.5Gbps mGig Uplink PoE+and UPoE complia
63、nt IoT Radio CleanAir Pro Radio5Gbps mGig Uplink PoE+and UPoE compliant IoT Radio CleanAir Pro RadioXOR radios(low band/high band)Environmental sensorsTxRx2.4 GHz225 GHz446 GHz44TxRx2.4 GHz445 GHz446 GHz44Catalyst 9164Catalyst 9166AP power optimization|Dedicated radio for AP power optimization|Dedic
64、ated radio for CleanAirCleanAir Pro|Same bracket,same industrial design Pro|Same bracket,same industrial designFull radio capability(Full radio capability(6 6 GHz LPI)on single GHz LPI)on single 3030W PoE+W PoE+66 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveCisco Wi-Fi
65、 6E premium portfolio67Meraki MR57Catalyst 9136TransmittersReceivers2.4 GHz445 GHz446 GHz44 Dual 5G mGig Uplinks with failover PoE+and UPoE+compliant IoT Radio Monitor RadioTransmittersReceivers2.4 GHz445 GHz4*4*886 GHz44 Dual 5G mGig Uplinks with failover PoE+and UPoE+compliant IoT Radio Scanning R
66、adio Environmental sensors*Future SW 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveC9124AX External AntennaC9124AX Internal Omnidirectional&Directional Antenna 91249124AXEAXE Dual Radio Mode:4x4+4x4 in both 2.4 and 5 GHz Tri-Radio Mode:2x2+2x2+2x2 in 2.4 Ghz,5Ghz(Slot 1)
67、&5 Ghz(Slot 2)MU-MIMO,OFDMA Cisco RF ASIC for next-gen Cisco CleanAir Integrated BLE/IoT radio 2.5G mGig Wired uplink+1G SFP+1Gbe(802.3af power out-15.4 watts)29 dBm Transmit Power Enhance Surge Protection&Lightning arrester for Ethernet ports and DC Input-E SKU:Six N-type connectors:Three ports sup
68、port Self-Identifying Antenna(SIA)91249124AXI,AXI,91249124AXDAXD 4x4+4x4 in both 2.4 and 5 GHz MU-MIMO,OFDMA Cisco RF ASIC for next-gen Cisco CleanAir Integrated BLE/IoT radio 2.5G mGig Wired uplink+1G SFP+1Gbe with 802.3af power out 15.4 watts 30 dBm Transmit Power(Same as 1572)1024 QAM,data rate o
69、f 2.5 GbpsPowered byPowered byCisco RF ASICCisco RF ASICPowered byPowered byCisco RF ASICCisco RF ASICNote:The CatalystNote:The Catalyst 9124AX Series is supported only on Cisco 9124AX Series is supported only on Cisco IOS XEIOS XE-based platforms:Catalyst 9800 Series/EWC.based platforms:Catalyst 98
70、00 Series/EWC.Catalyst 9124AX Outdoor Access Point 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveUnderstanding AWS Network TopologyVPC(Virtual private cloud)Public SubnetPrivate SubnetRoute TableTransit Gateway AttachmentInternet GatewayNAT GatewayBRKEWN-110469VM1VPCVM2
71、2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBranch Network Communication(AWS Site to Site)70BRKEWN-1104Your BGP ASNYour Site Router Public IP 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBranch Network Communication(AWS Site to Site)71BRKE
72、WN-1104Choose Transit GatewaySelect the existing Customer GatewayGive the campus site CIDR that able to talk through tunnelGive the AWS CIDR that able to talk through tunnel 2023 Cisco and/or its affiliates.All rights reserved.Cisco Public#CiscoLiveBranch Network Communication(SD-WAN)72BRKEWN-1104Cisco SD-WANMeraki SD-WANhttps:/