diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml
new file mode 100644
index 00000000000..3a223cebe6b
--- /dev/null
+++ b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/create-edge-firewall.xml
@@ -0,0 +1,71 @@
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/xml b/plugins/network-elements/cisco-vnmc/scripts/network/cisco/xml
deleted file mode 100644
index eca3705a2e4..00000000000
--- a/plugins/network-elements/cisco-vnmc/scripts/network/cisco/xml
+++ /dev/null
@@ -1 +0,0 @@
-
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
index f9a4eae3428..937470f39f3 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/CiscoVnmcResource.java
@@ -94,10 +94,8 @@ public class CiscoVnmcResource implements ServerResource {
CREATE_SOURCE_NAT_POOL("create-source-nat-pool.xml", "policy-mgr"),
CREATE_SOURCE_NAT_POLICY("create-source-nat-policy.xml", "policy-mgr"),
CREATE_NAT_POLICY_SET("create-nat-policy-set.xml", "policy-mgr"),
- RESOLVE_NAT_POLICY_SET("associate-nat-policy-set.xml", "policy-mgr");
-
-
-
+ RESOLVE_NAT_POLICY_SET("associate-nat-policy-set.xml", "policy-mgr"),
+ CREATE_EDGE_FIREWALL("create-edge-firewall.xml", "resource-mgr");
private String scriptsDir = "scripts/network/cisco";
private String xml;
@@ -698,6 +696,63 @@ public class CiscoVnmcResource implements ServerResource {
return verifySuccess(response);
}
+
+ private String getNameForEdgeFirewall(String tenantName) {
+ return "ASA-1000v-" + tenantName;
+ }
+
+ private String getDnForEdgeFirewall(String tenantName) {
+ return getDnForTenantVDC(tenantName) + "/efw-" + getNameForEdgeFirewall(tenantName);
+ }
+
+ private String getNameForEdgeInsideIntf(String tenantName) {
+ return "Edge_Inside";
+ }
+
+ private String getNameForEdgeOutsideIntf(String tenantName) {
+ return "Edge_Outside";
+ }
+
+ private String getDnForOutsideIntf(String tenantName) {
+ return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeOutsideIntf(tenantName);
+ }
+
+ private String getDnForInsideIntf(String tenantName) {
+ return getDnForEdgeFirewall(tenantName) + "/interface-" + getNameForEdgeInsideIntf(tenantName);
+ }
+
+ public boolean createEdgeFirewall(String tenantName, String publicIp, String insideIp,
+ String insideSubnet, String outsideSubnet) throws ExecutionException {
+
+ String xml = VnmcXml.CREATE_EDGE_FIREWALL.getXml();
+ String service = VnmcXml.CREATE_EDGE_FIREWALL.getService();
+ xml = replaceXmlValue(xml, "cookie", _cookie);
+ xml = replaceXmlValue(xml, "edgefwdescr", "Edge Firewall for Tenant VDC " + tenantName);
+ xml = replaceXmlValue(xml, "edgefwname", getNameForEdgeFirewall(tenantName));
+ xml = replaceXmlValue(xml, "edgefwdn", getDnForEdgeFirewall(tenantName));
+ xml = replaceXmlValue(xml, "insideintfname", getNameForEdgeInsideIntf(tenantName));
+ xml = replaceXmlValue(xml, "outsideintfname", getNameForEdgeOutsideIntf(tenantName));
+
+ xml = replaceXmlValue(xml, "insideintfdn", getDnForInsideIntf(tenantName));
+ xml = replaceXmlValue(xml, "outsideintfdn", getDnForOutsideIntf(tenantName));
+
+ xml = replaceXmlValue(xml, "deviceserviceprofiledn", getDnForEdgeFirewall(tenantName) + "/device-service-profile");
+ xml = replaceXmlValue(xml, "outsideintfsp", getDnForOutsideIntf(tenantName) + "/interface-service-profile");
+
+ xml = replaceXmlValue(xml, "secprofileref", getNameForEdgeDeviceSecurityProfile(tenantName));
+ xml = replaceXmlValue(xml, "deviceserviceprofile", getNameForEdgeDeviceServiceProfile(tenantName));
+
+
+ xml = replaceXmlValue(xml, "insideip", insideIp);
+ xml = replaceXmlValue(xml, "publicip", publicIp);
+ xml = replaceXmlValue(xml, "insidesubnet", insideSubnet);
+ xml = replaceXmlValue(xml, "outsidesubnet", outsideSubnet);
+
+ String response = sendRequest(service, xml);
+
+ return verifySuccess(response);
+
+ }
private String sendRequest(String service, String xmlRequest) throws ExecutionException {
org.apache.commons.httpclient.protocol.Protocol myhttps =
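Review bot: In `createEdgeFirewall` the caller-supplied `tenantName`, `publicIp`, `insideIp`, `insideSubnet` and `outsideSubnet` are substituted into the XML request with no validation or escaping visible in this hunk. `replaceXmlValue` is defined outside the hunk, so this cannot be confirmed from here, but if it is a plain text replacement, a value containing `<`, `"` or `&` would alter the structure of the request sent to VNMC. I would check that the four address arguments parse as IPv4 literals and XML-escape `tenantName` before the substitutions, rejecting bad input with an `ExecutionException`. A Javadoc comment on the method should state which arguments are trusted. Separately, `getNameForEdgeInsideIntf` and `getNameForEdgeOutsideIntf` ignore their `tenantName` parameter; if that is intended, say so in a short comment.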
diff --git a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/test/CiscoVnmcResourceTest.java b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/test/CiscoVnmcResourceTest.java
index f1e6d28517e..58baf5b4a79 100644
--- a/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/test/CiscoVnmcResourceTest.java
+++ b/plugins/network-elements/cisco-vnmc/src/com/cloud/network/resource/test/CiscoVnmcResourceTest.java
@@ -204,6 +204,7 @@ public class CiscoVnmcResourceTest {
}
}
+ @Ignore
@Test
public void testAssociateNatPolicySet() {
try {
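Review bot: The `@Ignore` added above `testAssociateNatPolicySet` carries no reason, so the test is switched off with nothing recording why or under what condition it should be re-enabled. JUnit 4 accepts a message, for example `@Ignore("<reason: placeholder>")`, and it is shown in the test report. The test body continues outside the hunk, so whether it depends on state that this commit changes cannot be seen from here.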
@@ -215,4 +216,14 @@ public class CiscoVnmcResourceTest {
}
}
+ @Test
+ public void testCreateEdgeFirewall() {
+ try {
+ boolean response = resource.createEdgeFirewall(tenantName,
+ "44.44.44.44", "192.168.1.1", "255.255.255.0", "255.255.255.192");
+ assertTrue(response);
+ } catch (ExecutionException e) {
+ e.printStackTrace();
+ }
+ }
}
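Review bot: `testCreateEdgeFirewall` catches `ExecutionException` and only calls `e.printStackTrace()`, so the test reports success whenever the request fails before `assertTrue` is reached. Declaring the exception instead, as `public void testCreateEdgeFirewall() throws ExecutionException {`, and dropping the try/catch lets a failed request fail the test. An alternative is to replace the catch body with `fail(e.getMessage());`. `resource` and `tenantName` are set up outside the hunk. If the test talks to a real VNMC endpoint, a comment stating that requirement would help whoever runs the suite.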