Scribd Logo
Upload

Welcome to Scribd!

  • Cisco SD-WAN: SD-WAN: WAN Solutions SD-Access: LAN & Campus Solutions ACI: Data Center Solutions

    Uploaded by

    Gladys Quispe Colqui
    165 views30 pages
    Cisco SD-WAN includes components like vManage, vBond, vSmart, and vEdge routers that allow configuration of transport VPNs, management VPNs, and routing VPNs. The lab topology consists of a vManage, vBond, vSmart, and two vEdge routers and two external routers. Basic configurations are completed on all devices including transport VPNs, management VPNs, default routes, and routing VPNs. Certificates are generated, signed by the CA server, and installed on all devices. The routers are added to vManage and their configurations are verified through the dashboard and CLI commands.

    Original Description:

    Original Title

    SDWANBasicConfiguration

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Cisco SD-WAN includes components like vManage, vBond, vSmart, and vEdge routers that allow configuration of transport VPNs, management VPNs, and routing VPNs. The lab topology consists of a vManage, vBond, vSmart, and two vEdge routers and two external routers. Basic configurations are completed on all devices including transport VPNs, management VPNs, default routes, and routing VPNs. Certificates are generated, signed by the CA server, and installed on all devices. The routers are added to vManage and their configurations are verified through the dashboard and CLI commands.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    165 views30 pages

    Cisco SD-WAN: SD-WAN: WAN Solutions SD-Access: LAN & Campus Solutions ACI: Data Center Solutions

    Uploaded by

    Gladys Quispe Colqui
    Cisco SD-WAN includes components like vManage, vBond, vSmart, and vEdge routers that allow configuration of transport VPNs, management VPNs, and routing VPNs. The lab topology consists of a vManage, vBond, vSmart, and two vEdge routers and two external routers. Basic configurations are completed on all devices including transport VPNs, management VPNs, default routes, and routing VPNs. Certificates are generated, signed by the CA server, and installed on all devices. The routers are added to vManage and their configurations are verified through the dashboard and CLI commands.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 30

    Cisco SD-WAN

    Cisco SDN:
    SD-WAN: WAN Solutions
    SD-Access: LAN & Campus Solutions
    ACI: Data Center Solutions

    Cisco SD-WAN Components:

     vMange
     vBond
     vSmart
     vEdge Router

    Lab Topology:
    Default Login Credentials:
    Username: admin
    Password: admin

    How to reset SD-WAN components: Lab Topology:


    Basic Configuration: vManage:

    Basic Configuration:

    VPN 0 Configuration: Transport VPN

    VPN 512 Configuration: Management VPN

    Default Route Configuration:


    Root CA Certification Installation on vManage:

    Web Access vMange: https://10.1.99.1

    Go to: Administration--Setting:

    Do the following change setting:

     Organization name: koenig


     vBond: 172.16.10.2 Port : 12346
     Controller certificate Authorization: Edit: Enterprise Root Certificate: Select file
    CA certificate file: we need to download from CA Server:
    https://10.1.99.1/certsrv

    Select Base 64 and Click on Download a CA certificate.

    Note: CA certificate we need to install only on vManage.


    How to generate CA signed certificate for VManage:

    Certificate Request from vManage:


    Configuration: Certificates: Controllers: Select vManage: Click on generate CSR

    Certificate Request from CA Server:

    Request a certificate: Advanced certificate request: Submit a certificate request:


    Click on download certificate: CA server signed certificate downloaded.
    Install CA signed certificate on vManage:
    Select vMange from controllers: click on install certificate: select a file: click on install:
    Basic Configuration: vBond
    Basic Configuration:

    VPN0 Configuration: Transport VPN

    VPN512 Configuration: Management VPN

    Default Route Configuration:


    How to add vBond to vManage:
    Configuration: Devices: Controller: Add controller: Select vBond:

     vBond Management IP Address: 172.16.10.2


     Username: admin
     Password: admin

    How to generate CA signed certificate for vBond:

    Certificate Request from vBond:


    Configuration: Certificates: Controllers: Select vBond: Click on generate CSR
    Certificate Request from CA Server:
    Request a certificate: Advanced certificate request: Submit a certificate request:

    Select Base 64 encoded and Click on download certificate: CA server signed certificate
    downloaded.

    Install CA signed certificate on vBond:

    Select vBond from controllers: click on install certificate: select a file: click on install:
    Basic Configuration: vSmart
    Basic Configuration:

    VPN0 Configuration: Transport VPN

    VPN512 Configuration: Management VPN

    Default Route Configuration:


    How to add vSmart to vManage:
    Configuration: Devices: Controller: Add controller: Select vSmart:

     vSmart Management IP Address: 172.16.10.3


     Username: admin
     Password: admin

    How to generate CA signed certificate for vSmart:

    Certificate Request from vSmart:


    Configuration: Certificates: Controllers: Select vSmart: Click on generate CSR
    CA Singed Certificate Installation Verification:
    Configuration: Devices: Controllers: Certificate Status: Installed
    Configuration: Certificates: Controllers: Certificate Serial No.:

    Main Dashboard Verification:


    How to add vEdge Router List to vMange:
    Configuration: Devices: WAN Edge List: Upload WAN Edge List:
    WAN Edge list Upload Method:

    Select .viptela file and select the Check box (validate the uploaded vEdge list and send to controller).
    Click on upload button.

    Configuration: Certificates: WAN Edge list: Click on Valid to enable Chassis No and token no.:
    After Validate the all the devices click on send to controllers:
    Basic Configuration: vEdge Router
    Basic Configuration:

    VPN 0 Configuration: Transport VPN

    VPN 512 Configuration: Management VPN

    Default Route Configuration: Gold (Internet)

    VPN 10 Configuration: Routing VPN


    How to download and install CA server certificate form CA Server: (Need TFTP Server):
    TFTP Server setting:

    After TFTP Server Setting: vEdge CLI: type the below command:

    CA Server certificate download Verification:


    Take the putty session of vEdge Router to activate vEdge Router:
    Chassis Number and token has been taken from below screen:

    After Successful activation serial number will be generated like above screen in last row.

    Main Dashboard Device Verification:

    Command Line Verification: vManage and vSmart:

     show control connections


     show control local-properties
     show interface eth0
     Show running-config VPN 0

    Command Line Verification: vBond

     show orchestrator connections


     show orchestrator summary
     show system status
    Basic Configuration: R1 Router
    Basic Configuration:

    VPN 0 Configuration: Transport VPN

    Default Route Configuration: Gold (Internet)

    VPN 10 Configuration: Routing VPN


    Certificate Installation Process: R1

    State: Certificate Installed Serial No.:B9C65643 Hostname: R1 IP Address: 1.1.1.1

    Now click on send to controllers:

    Take the putty session of R1 to download & install CA Server and activate and install certificate on
    R1 Router:
    Basic Configuration: R2 Router
    Basic Configuration:

    VPN 0 Configuration: Transport VPN

    Default Route Configuration: Gold (Internet)

    VPN 10 Configuration: Routing VPN


    Take the putty session of R1 to download & install CA Server and activate and install certificate on
    R2 Router:

    State: Certificate Installed Serial No.:4B170CFA Hostname: R2 IP Address: 1.1.1.2

    Now click on send to controllers:


    Finally: Main Dashboard, Device & Controller Status:
    Additional Configuration

    Addtitional Configuration : R1

    Addtitional Configuration :R2


    Command Line Verification Commands:

     Show ip routes
     Show ip routes summary
     Show ip routes omp

    vMange Verification :
    OMP : Overlay Mangement protocol
    TLOC : Transport Locator : System-ip+Color+Encapsulation:

    Monitor: Network

    Click on R1 and select Real Time: Device options: IP Routes


    Click on R1 and select Real Time: Device options: OMP received routes

    Click on R1 and select Real Time: Device options: OMP received TLOC

    You might also like