cisco sd-wanrms.koenig-solutions.com/sync_data/trainer/qms/1942-202051749… · vsmart vedge router...
TRANSCRIPT
Cisco SD-WAN Cisco SDN:
SD-WAN: WAN Solutions
SD-Access: LAN & Campus Solutions
ACI: Data Center Solutions
Cisco SD-WAN Components:
vMange
vBond
vSmart
vEdge Router
Lab Topology:
Default Login Credentials:
Username: admin
Password: admin
How to reset SD-WAN components: Lab Topology:
Basic Configuration: vManage:
Basic Configuration:
VPN 0 Configuration: Transport VPN
VPN 512 Configuration: Management VPN
Default Route Configuration:
Root CA Certification Installation on vManage:
Web Access vMange: https://10.1.99.1
Go to: Administration--Setting:
Do the following change setting:
Organization name: koenig
vBond: 172.16.10.2 Port : 12346
Controller certificate Authorization: Edit: Enterprise Root Certificate: Select file
CA certificate file: we need to download from CA Server:
https://10.1.99.1/certsrv
Select Base 64 and Click on Download a CA certificate.
Note: CA certificate we need to install only on vManage.
How to generate CA signed certificate for VManage:
Certificate Request from vManage:
Configuration: Certificates: Controllers: Select vManage: Click on generate CSR
Certificate Request from CA Server:
Request a certificate: Advanced certificate request: Submit a certificate request:
Click on download certificate: CA server signed certificate downloaded.
Install CA signed certificate on vManage:
Select vMange from controllers: click on install certificate: select a file: click on install:
Basic Configuration: vBond
Basic Configuration:
VPN0 Configuration: Transport VPN
VPN512 Configuration: Management VPN
Default Route Configuration:
How to add vBond to vManage:
Configuration: Devices: Controller: Add controller: Select vBond:
vBond Management IP Address: 172.16.10.2
Username: admin
Password: admin
How to generate CA signed certificate for vBond:
Certificate Request from vBond:
Configuration: Certificates: Controllers: Select vBond: Click on generate CSR
Certificate Request from CA Server:
Request a certificate: Advanced certificate request: Submit a certificate request:
Select Base 64 encoded and Click on download certificate: CA server signed certificate
downloaded.
Install CA signed certificate on vBond:
Select vBond from controllers: click on install certificate: select a file: click on install:
Basic Configuration: vSmart
Basic Configuration:
VPN0 Configuration: Transport VPN
VPN512 Configuration: Management VPN
Default Route Configuration:
How to add vSmart to vManage:
Configuration: Devices: Controller: Add controller: Select vSmart:
vSmart Management IP Address: 172.16.10.3
Username: admin
Password: admin
How to generate CA signed certificate for vSmart:
Certificate Request from vSmart:
Configuration: Certificates: Controllers: Select vSmart: Click on generate CSR
CA Singed Certificate Installation Verification:
Configuration: Devices: Controllers: Certificate Status: Installed
Configuration: Certificates: Controllers: Certificate Serial No.:
Main Dashboard Verification:
How to add vEdge Router List to vMange:
Configuration: Devices: WAN Edge List: Upload WAN Edge List:
WAN Edge list Upload Method:
Select .viptela file and select the Check box (validate the uploaded vEdge list and send to controller).
Click on upload button.
Configuration: Certificates: WAN Edge list: Click on Valid to enable Chassis No and token no.:
After Validate the all the devices click on send to controllers:
Basic Configuration: vEdge Router
Basic Configuration:
VPN 0 Configuration: Transport VPN
VPN 512 Configuration: Management VPN
Default Route Configuration: Gold (Internet)
VPN 10 Configuration: Routing VPN
How to download and install CA server certificate form CA Server: (Need TFTP Server):
TFTP Server setting:
After TFTP Server Setting: vEdge CLI: type the below command:
CA Server certificate download Verification:
Take the putty session of vEdge Router to activate vEdge Router:
Chassis Number and token has been taken from below screen:
After Successful activation serial number will be generated like above screen in last row.
Main Dashboard Device Verification:
Command Line Verification: vManage and vSmart:
show control connections
show control local-properties
show interface eth0
Show running-config VPN 0
Command Line Verification: vBond
show orchestrator connections
show orchestrator summary
show system status
Basic Configuration: R1 Router
Basic Configuration:
VPN 0 Configuration: Transport VPN
Default Route Configuration: Gold (Internet)
VPN 10 Configuration: Routing VPN
Certificate Installation Process: R1
State: Certificate Installed Serial No.:B9C65643 Hostname: R1 IP Address: 1.1.1.1
Now click on send to controllers:
Take the putty session of R1 to download & install CA Server and activate and install certificate on
R1 Router:
Basic Configuration: R2 Router
Basic Configuration:
VPN 0 Configuration: Transport VPN
Default Route Configuration: Gold (Internet)
VPN 10 Configuration: Routing VPN
Take the putty session of R1 to download & install CA Server and activate and install certificate on
R2 Router:
State: Certificate Installed Serial No.:4B170CFA Hostname: R2 IP Address: 1.1.1.2
Now click on send to controllers:
Finally: Main Dashboard, Device & Controller Status:
Additional Configuration
Addtitional Configuration : R1
Addtitional Configuration :R2
Command Line Verification Commands:
Show ip routes
Show ip routes summary
Show ip routes omp
vMange Verification :
OMP : Overlay Mangement protocol
TLOC : Transport Locator : System-ip+Color+Encapsulation:
Monitor: Network
Click on R1 and select Real Time: Device options: IP Routes
Click on R1 and select Real Time: Device options: OMP received routes
Click on R1 and select Real Time: Device options: OMP received TLOC