We are looking for a resource for the below SoW for 20 Man Days. Resource is expected to work in a continues stretch with some gaps in between.
Earlier scope is added for initial setup and Turn‑up of the Cisco ASA Firewall and configuring IPsec Site‑to‑Site VPN Tunnel to client's remote Engineering Team for SD access POC.
Basic activities will include and not limited to:
Firewall Turn‑Up
- Initial access and baseline configuration of the Cisco ASA firewall
- Configure system settings:
- Hostname and basic system parameters
- Configure firewall interfaces:
- Assign IP addressing and security levels
- Perform basic connectivity validation
Basic Firewall Policy Configuration
- Configure basic access control policies (ACLs) required for:
- Remote access enablement
- IPsec VPN traffic
- Configure necessary NAT rules to support tunnel and internal access
IPsec VPN – Assisted Setup
- Work jointly with Tata Comm Firewall team to:
- Review VPN scope and requirements
- IPsec parameters
- Configure IPsec Site‑to‑Site VPN components on the Cisco ASA
- Assist in for Tunnel establishment
- Initial connectivity testing across the VPN
- Coordinate troubleshooting during tunnel bring‑up
Below is the scope for SD Access POC shared earlier.
Pre‑Installation Support
Review site readiness checklist provided by the internal team Validate availability of:
- Rack space
- Power feeds and PDUs
- Structured cabling (fiber/copper)
- Console access
- Coordinate with site contacts for access and work windows
Rack, Stack, and Physical Installation
Powering on Wi-Fi & LAN equipment
Test the power condition before Wi-Fi & LAN equipment is installed or get the power status tested by the end client.
Installation of SFPs
Mount the Wi-Fi & LAN equipment in end client rack
Change/install/ update device software via respective OEM portal or from the provided portable media
Rack mounting of Cisco network devices including (but not limited to):
- Cisco Catalyst switches Qty 5
- Access points : 2
- Wireless LAN Controllers on Virtual instance provided by customer.
- Secure fastening, labeling, and physical alignment
- Power cabling to redundant power sources
- Basic configuration or interface/provide remote access enabling
Staging
- Allocate IP address
- OS upgradation
- Basic staging configuration to make the setup ready with Tata Comm engineer instructions.
- Reestablishing remote connectivity for Tata Comm remote resources
Cabling and Connectivity
- Connect copper and fiber patch cords according to HLD documents shared by Tata Comm
- Validate cable integrity and correct port mapping
Console and Physical Device Setup
- Establish console access to Cisco devices
- Support internal teams during remote sessions
- Note: All logical configuration and SD‑Access policy setup will be executed by Tata Comm.
Capture and share:
- Device serial numbers and on going status
- Photos (as‑built evidence)
Engineer Should carry:
- Laptop with charger, Windows OS/MacBook and the Join me software installed (TV version to be confirmed in advance), Team viewer, Webex software
- Mobile data connection (4G/5G)
- Mobile phone with charger
- Rollover console cable for direct connection to router and spare UTP cables, screwdriver
- Phone camera
- Any other parts to be confirmed in next phases of this project
- Engineer will carry two (2) straight & two (2) Cross cable as a part of standard equipment
- Engineer will carry suitable console cable as per the Switch type
- Carry bootable USB flash drive
- RJ45 testers, Fibre testers & testing capabilities for any other common network mediums.
