LTRRST-2734
4 Hours to Build Your Own Cisco SD-WAN Lab
Andraz Piletic
Prashant Tripathi
Robert McGuckin
1
Introduction and Learning Objectives
Upon completion of this lab, you will be able to:
• Deploy vManage, vBond and vSmart and apply their initial configuration.
• Generate CSRs and use a local CA to generate a root CA and sign certificates.
• Onboard vEdgeCloud and CSR1000v virtual SD-WAN routers.
Disclaimer
This training document is intended to familiarize you with Cisco SD-WAN. Although the lab design and
configuration examples could be used as a reference, it is not a real design, so not all
recommended features are used or enabled optimally. For design related questions,
please contact your representative at Cisco or a Cisco partner.
Lab 1: Deploying and configuring SD-WAN Controllers
In this lab activity, you will learn how to deploy, install and configure SD-WAN controllers.
You will also install an enterprise root CA chain, which is needed
when using an Enterprise CA server.
Task 1: Deploying vManage on VMware ESXi
In this task, you will deploy vManage into the VMware ESXi environment and perform its
basic configuration.
The vManage software comes as an .ova file, which we install on our ESXi hypervisor. As
seen in the picture below, there are two interfaces which we need to map appropriately.
Note: By default, the vManage OVA is configured with a single interface (eth0).
Note II: Adding an additional interface remaps eth0 to vNIC 2.
Eth0 is used as the control interface through which we establish and manage control
connections. Therefore, this interface needs to be mapped to the network which
connects to the underlay (VPN 0).
Eth1 is used for out-of-band management and is placed into the
Management VRF (VPN 512). This interface provides access to vManage through SSH
and the web interface.
A successful deployment of vManage on ESXi consists of the following steps:
1. Deploying vManage OVA on VMware ESXi
2. Adding additional resources and interfaces to the vManage VM
3. Performing vManage Database installation
4. Configuring vManage Interface Settings
5. Configuring vManage System Parameters
6. Finalize vManage Initial System Configuration
Activity Procedure
Complete these steps:
1. Deploying vManage OVA on VMware ESXi
a. Connect to the assigned Jump Host. The instructor will provide access details.
b. Open the Chrome browser and connect to the VMware ESXi portal with the
username/password (admin/admin).
c. Once connected, click Virtual Machines in the sidebar. Then click Create /
Register VM.
d. Select Deploy a virtual machine from an OVF or OVA file and click Next.
e. Enter vManage as the name for the virtual machine and browse for the vManage
19.2.099 installation file, which is saved in the Downloads/Software folder.
Click to select files or drag/drop them. Click Next.
f. On the next step, keep the preselected SDWAN standard storage
option. Click Next.
g. Under Deployment options, select Management as the Network
mapping and Thin as the Disk provisioning.
Note By default the OVF template includes only one vNIC, which will be used for the transport interface. You
will add another one for management once the import is completed.
Note For a production environment, Thick provisioning would be required.
h. Deselect Power on automatically and click Next.
i. Review the configured settings and click Finish.
2. Adding additional resources and interfaces to the vManage VM
a. Once the import has completed successfully, right-click the vManage
VM and select Edit Settings.
b. First you must create an additional virtual disk that will host the vManage
database. Under the Virtual Hardware tab click Add hard disk and then select
New Hardware disk.
c. Specify a size of 100GB and under Disk Provisioning select Thin
provisioned. Click Save.
Note For the lab environment, a 100GB disk size is sufficient. For PoC/PoV or production
environments, follow the official requirements.
d. Add an additional interface. Right-click the vManage VM and again select
Edit Settings.
e. Under the Virtual Hardware tab click Add network adapter. Select the network
Internet and keep all preselected options. Click Save.
3. Performing vManage Database installation
a. Power on the vManage VM. Right-click the VM and select Open console.
b. Wait a few minutes for the login prompt. Use the default
username/password admin/admin. Set the new password to admin.
c. The system will prompt you to select the storage device where the database will be
installed. Select 1) (hdb) and confirm formatting of the selected storage
device. Wait a few minutes for the installation to complete.
4. Configuring vManage Interface Settings
a. Since interacting with and configuring the controller through the VM console is
not very convenient, we will first configure OOB management for SSH
access. We will use the eth1 interface for it, assign it to VPN 512
and configure an IP address on it.
b. Once management is up and running, you can use SSH. Test
that you can reach your vManage server over HTTPS and SSH from the
Windows Jump Host.
SSH:
Note: For access, you might need to modify the /home/user/.ssh/known_hosts file.
HTTPS:
c. Once the SSH session is established, configure the second interface, eth0, for the
initial overlay bringup. Assign an IP address to it and define a default route.
d. Verify connectivity to 203.0.113.1 using ping. It should be successful.
5. Configuring vManage System Parameters
a. We are going to define the device's basic information including system IP,
site-id, organization name and vBond IP address. Enter the configuration
below:
Note The organization name is embedded in the license file and must match on all the nodes in the
overlay. The organization name is also case sensitive; always enclose it in quotes.
Note vBond server can be specified as a domain name.
Note System-IP must be unique on every component in the SD-WAN fabric.
b. Before continuing, validate the key system parameters that you have
configured in the previous steps. Use the show control local-properties
command and verify the correctness of the organization-name,
sp-organization-name, dns-name (vBond IP), site-id and system-ip
address.
6. Finalize vManage Initial System Configuration
a. Open a web browser and navigate to the vManage web interface. Authenticate
using the default username and password (admin/admin).
b. Navigate to Administration > Settings. Configure again the Organization
Name CLEUR 2020 LTRRST - 2734 and the vBond IP address 203.0.113.3.
Note Even though you have already entered the vBond IP address in the CLI, you still need to configure
the vBond address under system settings as well. Otherwise, generating the bootstrap
configuration for vEdge instances will not succeed.
Task 2: Deploying vBond on VMware ESXi
Note The OVA is preconfigured with four vNICs, but only two interfaces are supported.
Activity Procedure
Complete these steps:
1. Installing vBond Appliance
a. If not already connected, connect to the assigned Jump Host. The instructor will provide access details.
b. Open the Chrome browser and connect to the VMware ESXi portal with the username/password
(admin/admin).
c. Once connected, click Virtual Machines in the sidebar. Then click Create / Register VM.
d. Select Deploy a virtual machine from an OVF or OVA file and click Next.
e. Enter vBond as the name for the virtual machine and browse for the Viptela-edge-19.2.099 installation
file, which is saved in the Downloads/Software folder. Click to select files or drag/drop them. Click
Next.
Note vBond is installed using vEdgeCloud OVA.
f. Keep the preselected SD-WAN storage and click Next.
g. In the Deployment options tab select Management as VM Network and Internet as VM
Network 1. Select Thin disk provisioning and deselect Power on automatically.
Click Next.
h. Review the configured settings and click Finish.
2. Modify vBond VM settings
a. Right-click the newly created vBond VM and select Edit Settings.
b. Reduce the number of CPU virtual sockets to 2.
Note You are reducing the number of virtual CPU sockets only for the lab environment.
c. Power on the vBond VM and access the console.
d. Use the credentials admin/admin to log in.
e. Configure the basic system settings including hostname, system IP, site ID, and
organization name. Enter the configuration shown below:
Note The local keyword in the vbond command turns this vEdge into a vBond controller.
Note Be careful to configure exactly the same organization-name as shown. The organization name is
embedded in the license file and must match on all the nodes in the overlay.
f. Configure the management interface for SSH. You will use the eth0 interface for it.
g. Test that you can reach your vBond server over SSH from the Windows Jump Host.
h. Once the SSH session is established, configure interface ge0/0 for the initial overlay bringup. Assign
an IP address to it, remove the default tunnel-interface configuration and define a default route.
i. Verify connectivity to 203.0.113.1 (GW) and 203.0.113.2 (vManage). It should be successful.
j. Before continuing, validate the key system parameters that you have configured in the previous
steps. Use the show control local-properties command and verify the correctness of the
organization-name, sp-organization-name, dns-name (vBond IP address), site-id and system-ip.
Task 3: Deploying vSmart on VMware ESXi
In this task, you will install vSmart in the VMware ESXi environment and perform its basic configuration.
Activity Procedure
Complete these steps:
1. Installing vSmart Appliance
a. If not already connected, connect to the assigned Jump Host. The instructor will provide access details.
b. Open the Chrome browser and connect to the VMware ESXi portal with the username/password
(admin/admin).
c. Once connected, click Virtual Machines in the sidebar. Then click Create / Register VM.
d. Select Deploy a virtual machine from an OVF or OVA file and click Next.
e. Enter vSmart as the name for the virtual machine and browse for the Viptela-smart-19.2.099
installation file, which is saved in the Downloads/Software folder. Click to select files or drag/drop
them. Click Next.
f. Keep preselected SD-WAN storage and click Next.
g. In the Deployment options tab select Management as VM Network. Select Thin disk
provisioning and deselect Power on automatically. Click Next.
h. Review the configured settings and click Finish.
2. Modify vSmart VM settings
a. Right-click the newly created vSmart VM and select Edit Settings.
b. Add an additional Ethernet adapter. Assign it to the Internet network. Click Save.
c. Power on the VM and access the console using the default credentials (admin/admin).
d. Configure the basic system settings including system IP, site ID, organization name and
vBond address. Enter the configuration shown below:
Note Be careful to configure exactly the same organization-name as shown. Organization name is
embedded in the license file and must match on all the nodes in the overlay.
e. Configure the management interface for SSH. You will use the eth1 interface for it. Assign it to VPN
512 and put an IP address on it.
f. Test that you can reach your vSmart server over SSH from the Windows Jump Host.
g. Once the SSH session is established, configure interface eth0 for the initial overlay
bringup. Assign an IP address to it and define a default route.
h. Verify connectivity to 203.0.113.1 (GW), 203.0.113.2 (vManage) and 203.0.113.3 (vBond). It
should be successful.
i. Before continuing, verify the manual configuration on the vSmart using the show
control local-properties command. Verify that the organization name is correctly configured, the
site-id value is assigned, the system-ip is unique, and the vBond IP address is correctly specified.
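The parameter checks that Tasks 1, 2 and 3 each ask for (identical, case-sensitive organization-name on every node, dns-name pointing at the vBond, a unique system-ip) can be run as one preflight over the three controllers' show control local-properties output. This is an added shell example, not part of the lab; the sample outputs are constructed and trimmed to the fields the lab mentions, and the vSmart sample is deliberately wrong to show what the check reports.

```shell
# Added example, not part of the lab: a preflight over "show control local-properties"
# output collected from the three controllers, applying the rules the lab states.
set -eu

# Constructed sample outputs, trimmed to the fields the lab asks you to verify.
VMANAGE_PROPS='personality              vmanage
organization-name        CLEUR 2020 LTRRST - 2734
sp-organization-name     CLEUR 2020 LTRRST - 2734
dns-name                 203.0.113.3
site-id                  100
system-ip                10.255.255.2'

VBOND_PROPS='personality              vbond
organization-name        CLEUR 2020 LTRRST - 2734
sp-organization-name     CLEUR 2020 LTRRST - 2734
dns-name                 203.0.113.3
site-id                  100
system-ip                10.255.255.3'

# Deliberately wrong: lower-case "Cleur" and a system-ip that collides with vBond.
VSMART_BAD_PROPS='personality              vsmart
organization-name        Cleur 2020 LTRRST - 2734
sp-organization-name     Cleur 2020 LTRRST - 2734
dns-name                 203.0.113.3
site-id                  100
system-ip                10.255.255.3'

# get_prop KEY TEXT: print the value of KEY from one device's output (values may contain spaces).
get_prop() {
    printf '%s\n' "$2" | awk -v k="$1" '$1 == k { $1 = ""; sub(/^ +/, ""); print; exit }'
}

# check_controllers VBOND_IP PROPS...: print one line per problem found;
# exit 0 when every node is consistent, 1 otherwise.
check_controllers() {
    vbond_ip="$1"; shift
    ref_org=""; seen_ips=""; problems=0
    for props in "$@"; do
        node="$(get_prop personality "$props")"
        org="$(get_prop organization-name "$props")"
        sp_org="$(get_prop sp-organization-name "$props")"
        dns="$(get_prop dns-name "$props")"
        sysip="$(get_prop system-ip "$props")"
        [ -n "$ref_org" ] || ref_org="$org"          # first node sets the reference
        if [ "$org" != "$ref_org" ]; then             # exact, case-sensitive comparison
            echo "$node: organization-name '$org' differs from '$ref_org' (check case)"; problems=1
        fi
        if [ "$sp_org" != "$org" ]; then
            echo "$node: sp-organization-name '$sp_org' does not match organization-name"; problems=1
        fi
        if [ "$dns" != "$vbond_ip" ]; then
            echo "$node: dns-name '$dns' is not the vBond address $vbond_ip"; problems=1
        fi
        case " $seen_ips " in
            *" $sysip "*) echo "$node: system-ip $sysip is already used by another node"; problems=1 ;;
        esac
        seen_ips="$seen_ips $sysip"
    done
    return $problems
}

# vManage + vBond agree; adding the mis-typed vSmart reports the case mismatch and the duplicate IP.
check_controllers 203.0.113.3 "$VMANAGE_PROPS" "$VBOND_PROPS" && echo "controllers consistent"
check_controllers 203.0.113.3 "$VMANAGE_PROPS" "$VBOND_PROPS" "$VSMART_BAD_PROPS" || echo "fix vSmart before continuing"
```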
Task 4: Signing Certificates
In certain situations, the security policy dictates using your own Enterprise PKI.
In this task, you will request, generate and install security certificates using a local CA.
Activity procedure:
1. Generating Enterprise Root CA
a. On the Jump host open a terminal.
b. Change into the directory named localCA using the cd command.
c. In the next step we will generate, in one go, the key that will be used
for certificate creation and the certificate itself. During the configuration
steps you can provide whatever input values you desire, but keep in mind
that they will be reflected in the certificate.
Note The organization name on the root CA does not need to match the organization name which
we use in the SD-WAN overlay.
Note ca.crt is the new local root certificate. You need to import the root certificate on all controllers
and WAN edge devices.
d. Display the content of the current directory using the ll command. Notice the preconfigured
ca.conf file that is present in the directory.
e. View the content of the ca.conf configuration file using the cat command. Notice the
configured default values for directories, files, algorithms used and certificate
validity.
Note When setting up a local CA for CSR signing, ca.conf is the file where we specify the paths for new
certs, db, serial numbers, private key + certificate and define the validity (in days) and policy.
f. Define the local CA folder structure, which is referenced in the provided configuration
file.
Note The newcerts folder stores the issued certificates.
Note index.txt acts as the database tracking the issued certificates' statuses and their properties.
Note The serial file contains the next available serial number in hex.
2. Installing Enterprise Root Certificate
a. Open a web browser and navigate to the vManage web interface. Authenticate
using the default username and password (admin/admin).
b. Navigate to Administration > Settings. Under Controller Certificate
Authorization paste the CA certificate in PEM format.
Note You need to copy the generated CA certificate from the Jumphost VM and paste it here.
Task 5: Bringing up Secure Control Plane
In this task we are going to take care of the following steps:
1. Add vBond and vSmart controllers to the vManage.
2. Generate CSRs.
3. Sign CSRs and upload certificates.
4. Configure tunnel interfaces and establish control connections.
5. Install license file.
Activity procedure:
1. Add vBond and vSmart controllers to the vManage.
a. Access the vManage web page and navigate to Configuration > Devices and
then select Controllers at the top left.
Note Notice the certificate status for vManage: no information is displayed, as there is no certificate installed
on vManage yet.
b. Click Add Controller > vBond and specify the vBond's IP address that is
reachable from the vManage VPN0 interface via the NETCONF protocol (TCP
830).
c. Repeat the procedure and add the vSmart information. Provide the IP address and
credentials. Click Add.
2. Generating the CSRs
a. After successfully adding the vBond and vSmart information, navigate to
Configuration > Certificates and then select Controllers at the top left. On the
right side, for each controller click the three dots button to access the
Generate CSR option.
b. Download the generated CSR and save it to the /home/admin/localCA folder
as vmanage.csr.
c. Repeat the process for the vBond and vSmart CSRs and save them as
vbond.csr and vsmart.csr.
3. Sign CSRs and upload certificates.
a. Sign the CSR request for vManage using the openssl ca command as shown
in the output below:
b. Repeat the process for the vBond and vSmart CSR.
c. Display the content of the vManage.pem certificate (use the cat command),
copy its content and apply it to the vManage web interface using the Install
Certificate button at the top right.
d. The Task View will be displayed automatically, where you can validate
the successful import of the signed certificate.
e. Navigate back to Configuration > Certificates and repeat the certificate
import process for vBond and vSmart.
f. If the import of the certificates was successful, you will see the Certificate Installed
status under all three controllers under Configuration > Devices >
Controllers. However, if you navigate to the home dashboard, you will
notice that no control connection has been established yet between the
controllers.
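The local CA of Task 4 (ca.conf, the newcerts, index.txt and serial layout, ca.key and ca.crt) and the openssl ca signing of Task 5 step 3 above, as an added shell example that is not part of the lab's files: it builds the CA, signs constructed stand-in CSRs for the three controllers and checks each result against the root. The openssl CLI is assumed to be installed; the directory name localCA-demo, the subject names and the policy and extension sections are this example's own choices, not the lab's ca.conf.

```shell
# Added example, not part of the lab's files: the local CA layout Task 4 describes
# (ca.conf, newcerts/, index.txt, serial, ca.key + ca.crt) and the "openssl ca"
# signing of Task 5 step 3. Assumes the openssl CLI; CA_DIR, the subject names and
# the policy/extension sections are this example's own choices.
set -eu
CA_DIR="${CA_DIR:-./localCA-demo}"
# Folder structure referenced by ca.conf: issued certs, the database, next serial (hex).
setup_ca_dirs() {
    mkdir -p "$CA_DIR/newcerts"
    [ -f "$CA_DIR/index.txt" ] || : > "$CA_DIR/index.txt"
    [ -f "$CA_DIR/serial" ] || echo 01 > "$CA_DIR/serial"
}

# Minimal ca.conf: paths, validity in days, signing policy, leaf and root CA extensions.
write_ca_conf() {
    cat > "$CA_DIR/ca.conf" <<EOF
[ ca ]
default_ca      = local_ca
[ local_ca ]
dir             = $CA_DIR
new_certs_dir   = \$dir/newcerts
database        = \$dir/index.txt
serial          = \$dir/serial
private_key     = \$dir/ca.key
certificate     = \$dir/ca.crt
default_days    = 365
default_md      = sha256
policy          = policy_any
x509_extensions = v3_leaf
[ policy_any ]
organizationName       = optional
organizationalUnitName = optional
commonName             = supplied
[ v3_leaf ]
basicConstraints = CA:FALSE
keyUsage         = digitalSignature, keyEncipherment
[ req ]
distinguished_name = req_dn
x509_extensions    = v3_ca
[ req_dn ]
commonName = Common Name
[ v3_ca ]
basicConstraints     = critical, CA:TRUE
keyUsage             = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF
}
# Root CA key and self-signed certificate in one step (Task 4 step 1c, non-interactive).
gen_root_ca() {
    openssl req -x509 -config "$CA_DIR/ca.conf" -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -keyout "$CA_DIR/ca.key" -out "$CA_DIR/ca.crt" -subj "/O=Lab Local CA/CN=lab-root-ca" 2>/dev/null
}
# Constructed stand-in for a controller CSR (the real ones come from vManage, Generate CSR).
make_demo_csr() {
    openssl req -new -config "$CA_DIR/ca.conf" -newkey rsa:2048 -nodes \
        -keyout "$CA_DIR/$1.key" -out "$CA_DIR/$1.csr" \
        -subj "/O=CLEUR 2020 LTRRST - 2734/OU=$1/CN=$1" 2>/dev/null
}
# sign_csr IN.csr OUT.pem: the lab's signing step; -notext keeps the PEM clean for pasting.
sign_csr() {
    openssl ca -batch -notext -config "$CA_DIR/ca.conf" -in "$1" -out "$2" 2>/dev/null
}
# Exit 0 only if the certificate chains to ca.crt.
verify_cert() {
    openssl verify -CAfile "$CA_DIR/ca.crt" "$1" >/dev/null 2>&1
}
# Serial recorded in index.txt for a CN (tab-separated: status, expiry, revoked, serial, file, subject).
issued_serial() {
    awk -F'\t' -v cn="$1" '$1 == "V" && index($6, "/CN=" cn) { print $4; exit }' "$CA_DIR/index.txt"
}
# Whole flow for the three controllers; "sh this_script.sh run" executes it.
run_demo() {
    setup_ca_dirs; write_ca_conf; gen_root_ca
    for c in vmanage vbond vsmart; do
        make_demo_csr "$c"
        sign_csr "$CA_DIR/$c.csr" "$CA_DIR/$c.pem"
        verify_cert "$CA_DIR/$c.pem"
        echo "$c.pem: serial $(issued_serial "$c"), chains to ca.crt"
    done
}
if [ "${1:-}" = "run" ]; then run_demo; fi
```

After a run, index.txt holds one V line per controller and serial has advanced to 04, which is what the lab's notes on the newcerts folder, index.txt and serial describe.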
4. Configure tunnel interfaces and establish control connections
a. To finalize the controllers' bringup, you need to configure VPN0 with tunnel
interface settings. Log in first to vManage using SSH. Under interface eth1
configure tunnel-interface and commit the configuration change. Your
session should look similar to the one below:
Note Enable the tunnel-interface configuration on the VPN 0 interface on all controllers.
Note On vBond, also specify the tunnel-interface encapsulation type.
b. Navigate back to the vManage home dashboard. You should see the Up status
for vSmart and vBond and a green checkmark status for vManage. There should be
no certificate errors.
c. Before you can add vEdges to the system, you also need to import the license
file. Navigate to Configuration > Devices. Select Upload WAN Edge List.
Browse for the license file (serial.file.vEdge.viptela) within the SD-WAN_Files
folder stored on the desktop. Select the checkbox for validation of the uploaded
vEdge list. Select Upload and confirm the upload action by pressing OK.
d. Wait a few moments until processing of the WAN Edge List completes.
Navigate back to Configuration > Devices. You should see several unused
device licenses added to the system. Verify that the
devices are displayed in a valid state.
Task 6: Onboarding vEdgeCloud routers
In this task, you will perform manual onboarding of the vEdgeCloud device by manually
configuring base system parameters and initial connectivity, and installing the Enterprise CA root
certificate.
Activity Procedure
Complete these steps:
1. Installing vEdge Cloud
a. If not already connected, connect to the assigned Jump Host. The instructor will provide access details.
b. Open the Chrome browser and connect to the VMware ESXi portal with the username/password
(admin/admin).
c. Once connected, click Virtual Machines in the sidebar. Then click Create / Register VM.
d. Select Deploy a virtual machine from an OVF or OVA file and click Next.
e. Enter vEdge30 as the name for the virtual machine and browse for the
viptela-edge-19.2.099-genericx86-64.ova installation file, which is saved in the Downloads/Software folder. Click to
select files or drag/drop them. Click Next.
Note The following two commands belong to the cEdge onboarding in Task 7. Set a privilege-15 password on the cEdge VM so that SSH and SCP can reach privileged mode, then copy the root certificate with scp:
cEdge40(config)# username admin privilege 15 password admin
[admin@jumphost localCA]$ scp ca.crt admin@192.168.0.40:bootflash:/ca.crt
f. Keep the preselected SD-WAN storage and click Next.
g. Select the first network as Internet, the second as MPLS30, the third as Site30-VPN10 and the last as
Site30-VPN20. Deselect Power on automatically. Click Next.
h. Review the deployment settings and click Finish.
i. Once the OVF Template is deployed, right-click the newly defined VM and select Edit Settings.
Change the number of CPU virtual sockets from 4 to 2.
j. Add an additional Network Adapter by clicking Add network adapter. Select Management. Click
Save.
k. Power on the vEdge30 VM and access the console. Authenticate using the default credentials
(admin/admin). You will be asked to define a new password. Set it to admin again.
Note The prompt to define a new password for admin was introduced in the 19.2 software release. In older
releases, the system will not prompt you to modify the default password.
l. Performing device configuration via console access is not very user friendly, as it does not
allow you to copy and paste information, or scroll your window to observe longer outputs.
You will first perform the minimal configuration that enables you to connect to the vEdge via
SSH.
m. Enter configuration mode using configure terminal. Navigate to VPN 512 and enter
interface eth0 configuration mode. Assign the management IP address to it using the ip address
192.168.0.30/24 command.
n. You have to issue the commit command before the configuration is applied to the system.
o. Once the management interface is configured, you can use SSH to access the CLI and
finalize the remaining CLI configuration. Click on the Terminal icon on the desktop and
connect using the ssh -l admin 192.168.0.30 command. Authenticate using admin as the
password.
p. Access configuration mode using conf t. You will first define the system parameters, which
are all configured under the system section.
system
host-name vEdge30
system-ip 10.255.255.30
site-id 30
organization-name "CLEUR 2020 LTRRST - 2734"
vbond 203.0.113.3
q. Exit system configuration mode and enter the vpn 0 section to configure the WAN interface. Define
the default route using the ip route 0.0.0.0/0 203.0.113.1 command. Enter interface ge0/0 and assign
the ip address 203.0.113.30/24 to it. Issue commit.
r. Use end to leave configuration mode and verify that the device has connectivity to the vBond
controller by entering the ping 203.0.113.3 command. Use Ctrl+C to stop the ping.
s. Before the new vEdge can be fully onboarded, you also need to install the root CA, since a local PKI
was used in the lab to set up the controllers.
t. Disconnect from SSH using exit or open a new terminal window. Go to the /home/student/localCA
folder and issue the ll command to display the content of the current folder.
u. Use the secure copy command to transfer the root certificate ca.crt to vEdge30: scp
ca.crt admin@192.168.0.30:
v. Return to vEdge30 via SSH and issue the vshell command. Use the ls -l command to verify that the
file was transferred successfully. The pwd command displays the current location.
w. Exit vshell and issue request root-cert-chain install /home/admin/ca.crt to install the root
certificate.
x. Issue show certificate root-ca-cert and verify that the import of the certificate was successful.
Note The next few steps are needed only for virtual devices, and for physical devices without a SUDI/TPM
chipset (ENCS, ASR1000 series). When manually onboarding physical routers, there is no need
to perform additional activation, since hardware devices already have a unique identity described
by the certificate preloaded in the SUDI/TPM chipset.
y. Return to the web browser and navigate to vManage by clicking on the bookmark (alternatively
navigate to https://192.168.0.6). Authenticate using admin / admin. Navigate to
Configuration > Devices.
z. Select the unused vEdge Cloud device and click on the three dots button at the far right end of
the table. From the drop-down menu select Generate Bootstrap Configuration.
aa. Accept the default Cloud-Init selection and press OK. To activate vEdge30 you will need the
values of uuid and otp.
bb. Return to the terminal window with the SSH session to vEdge30 and issue the following command:
request vedge-cloud activate chassis-number <value of UUID> token <value of otp>
request vedge-cloud activate chassis-number b1d655b2-2cf3-9f25-7052-fe6f71ebf225 token 5191701faf701abbc6f010d576cc5d45
cc. After a minute or two issue the show control connections command.
dd. Issue show control local-properties, where you can validate that chassis and serial numbers
have been assigned to the virtual device. This defines the unique identity of a vEdgeCloud
device.
ee. Return to vManage and check the status of vEdge30 under Configuration > Devices.
You should see that the device information has been populated, and Device Status should
show In Sync.
ff. If you navigate to the Main Dashboard you should now see 1 successfully connected WAN
Edge device.
Task 7: Onboarding cEdge routers
In this task, you will perform manual onboarding of the cEdge device by manually
configuring base system parameters and initial connectivity, and installing the Enterprise CA root
certificate.
Activity Procedure
Complete these steps:
1. Installing cEdge
a. If not already connected, connect to the assigned Jump Host. The instructor will provide access details.
b. Open the Chrome browser and connect to the VMware ESXi portal with the username/password
(admin/admin).
c. Once connected, click Virtual Machines in the sidebar. Then click Create / Register VM.
d. Select Deploy a virtual machine from an OVF or OVA file and click Next.
e. Keep the preselected SD-WAN storage and click Next.
f. Under the Deployment options tab select Thin disk provisioning and deselect Power on
automatically. Click Next.
g. Review the deployment settings and click Finish.
h. Once the OVF Template is deployed, right-click the newly defined VM and select Edit Settings.
i. Select the Management network as vNIC1, Internet as vNIC2, MPLS40 as vNIC3,
Site40-VPN10 as vNIC4, Site40-VPN20 as vNIC5 and Site40-VPN30 as vNIC6. You can add
additional network adapters by clicking Add network adapter. Click Save.
gg. Power on the VM and access the console. Authenticate using the default credentials (admin/admin).
You will be asked to define a new username / password combination. Enter configuration
mode using configure terminal and set it up as admin again.
hh. Performing device configuration via console access is not very user friendly, as it does not
allow you to copy and paste information, or scroll your window to observe longer outputs.
You will first perform the minimal configuration that enables you to connect to the cEdge via
SSH.
ii. Enter configuration mode using configure terminal. Define the new VRF Mgmt-intf, which we will
use for out-of-band management. Use the commands below.
jj. You have to issue the commit command before the configuration is applied to the system.
kk. Exit config-vrf mode and configure GigabitEthernet 1, which we will use for out-of-band
purposes. Define the appropriate VRF and IP address using the commands below:
ll. Once the management interface is configured, you can use SSH to access the CLI and
finalize the remaining CLI configuration. Click on the Terminal icon on the desktop and
connect using the ssh -l admin 192.168.0.40 command. Authenticate using admin as the
password.
Note If you are asked whether you would like to continue connecting, enter yes.
mm. Access configuration mode using config-transaction. You will first define the system
parameters, which are all configured under the system section.
system
host-name cEdge40
system-ip 10.255.255.40
site-id 40
organization-name "CLEUR 2020 LTRRST - 2734"
vbond 203.0.113.3
nn. Before configuring overlay tunnels, we are going to install the root-cert-chain certificate on the
VM. Before installing it, we need to transfer the root certificate from the Jumphost. On the Jumphost
VM go to the /home/student/localCA folder and scp the ca.crt file to the cEdge VM using the
command below.
oo. Once transferred, check on the cEdge VM that the file is really there.
pp. Install the root certificate on the cEdge VM using the command below:
qq. Issue show sdwan certificate root-ca-cert and verify that the import of the certificate was
successful.
Note The next few steps are needed only for virtual devices, and for physical devices without a SUDI/TPM
chipset (ENCS, ASR1000 series). When manually onboarding physical routers, there is no need
to perform additional activation, since hardware devices already have a unique identity described
by the certificate preloaded in the SUDI/TPM chipset.
rr. Return to the web browser and navigate to vManage by clicking on the bookmark (alternatively
navigate to https://192.168.0.6). Authenticate using admin / admin. Navigate to
Configuration > Devices.
ss. Select the unused CSR1000v device and click on the three dots button at the far right end of
the table. From the drop-down menu select Generate Bootstrap Configuration.
tt. Accept the default Cloud-Init selection and press OK. To activate the cEdge you will need the
values of uuid and otp.
uu. Return to the terminal window with the SSH session to cEdge40 and issue the following command:
request platform software sdwan vedge_cloud activate chassis-number <value of UUID> token <value of otp>
request platform software sdwan vedge_cloud activate chassis-number CSR-0791656B-14F3-AE1E-AF4F-5859C0BB08FB token 558e8bb8d206f4b1d44b3efaedb68e82
vv. After a minute or two issue the show sdwan control connections command.
ww. Issue show sdwan control local-properties, where you can validate that chassis and serial numbers
have been assigned to the virtual device. This defines the unique identity of a cEdgeCloud
device.
xx. Return to vManage and check the status of cEdge40 under Configuration > Devices.
You should see that the device information has been populated, and Device Status should
show In Sync.
yy. The next step is to configure overlay tunnels. We are first going to deploy the tunnel over the internet.
Note Additional configuration is required on the cEdge (not required on vEdge). Note that the tunnel number must
match the interface number you are binding to, i.e. Tunnel1 for Gi0/0/1, Tunnel10 for Gi0/1/0,
Tunnel100 for Gi1/0/0.
zz. Add an IP address and issue a no shutdown command on the GigabitEthernet 2 interface.
aaa. For connectivity purposes, also define a default route to the GW.
bbb. If you navigate to the Main Dashboard you should now see 1 successfully connected WAN
Edge device.
Summary
TBD