Scribd
Upload
88 views9 pages

SD-WAN Controller Initialization

The document provides instructions for initializing the vManage, vBond, and vSmart network controllers through CLI and GUI configurations. It describes configuring system parameters like hostname, IP addresses, timezones and certificates for each device. It also includes configuring VPN interfaces and routes. The goal is to integrate the controllers on the network and establish secure communications between them.

Uploaded by

Yusuf Mahmoud
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
88 views9 pages

SD-WAN Controller Initialization

The document provides instructions for initializing the vManage, vBond, and vSmart network controllers through CLI and GUI configurations. It describes configuring system parameters like hostname, IP addresses, timezones and certificates for each device. It also includes configuring VPN interfaces and routes. The goal is to integrate the controllers on the network and establish secure communications between them.

Uploaded by

Yusuf Mahmoud
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 9

Lab1 – Initializing vManage – CLI

Task 1 - Configuring the System Component


Configure the System parameters based on the following:
o Hostname: vmange-01
o Organization: hiltop
o System-IP: 10.1.1.11
o SiteID: 100
o Vbond Address: 10.1.1.12
o Timezone: Africa/Lagos
o NTP: 10.0.1.1

vManage Configuration
system
host-name vmanage-01
system-ip 10.1.1.11
site-id 100
organization-name hiltop
clock timezone Africa/Lagos
vbond 10.0.1.12
ntp server 10.0.1.1 prefer vpn 0
commit

Task 2 – configure VPN parameters


Configure the VPN parameters based on the following:

VPN 0

▪ Interface eth1
▪ IP address: 10.0.1.11/24
▪ Default route: 10.0.1.1

vManage Configuration
vpn 0
interface eth1
ip address 10.0.1.11/24
no shutdown
ip route 0.0.0.0/0 10.0.1.1
commit
Verification
Ping 10.0.1.1
show ntp associations

Lab2 – Initializing vManage – GUI


Task 1 - Organization Name and vBond Address
 Login to vManage from Browser https:10.0.1.11:8443 (admin/admin)
 Navigate to Administration > Settings
 Click edit on Organization Name and set it to hiltop. Click ok.
 Click edit on vBond address and change it to 10.0.1.12. click ok.

Task 2 – Configuration of Controller Authorization as Enterprise root and download the


root certificate
 Browse http://10.0.3.10/certsrv
 Click “Download Root Certificate”

 Select “Base 64”


 Click “Download CA Certificate”
 Navigate to the downloaded file and rename as “RootCert”
 Open the file with notepad and copy content.
 In vmanage navigate to Administration > Settings > controller Certificate Authorization and
paste content.

 Set the CSR parameters with the Organization name, City, state, country and time to 1year

Task 3 – Generate CSR for vManage


 Navigate to Configuration > Certificate > Controllers > vManage > Generate CSR and copy
content.
Task 4 – Request a Certificate from CA server
 Browse to http://10.0.3.10/certsrv and click on “Request a Certificate”.
 Select “Advanced certificate request”
 Paste the copied CSR and click on “Submit”

 Select “Base 64” and click “Download”


 Rename the Certnew file to vmanage.

Task 5 – Install Certificate on vManage


 In vManage, navigate to Configuration > Certificate > Controllers
 Click on “Install Certificate”
 Click on “Select a file”
 Browse to the vmanage file and select it.
 Click on “Install”.
Lab 3 – Initializing vBond – CLI
Task 1 – Configuring System components
Configure the System parameters based on the following:

 Host-name: vbond-01
 Organization: hilltop
 System-IP: 10.1.1.12
 Site-id: 100
 vBond Address: 10.0.1.12
 Timezone: Africa/Lagos
 Ntp server: 10.0.1.1

On the console of the VBond

system
host-name vbond-01
system-ip 10.1.1.12
site-id 100
organization-name hiltop
clock timezone Africa/Lagos
vbond 10.0.1.12 local
ntp server 10.0.1.1 prefer vpn 0
commit

Task 2 - Configure the VPN parameters


Configure the VPN parameters based on the following:

VPN 0

 Interface: ge0/0
 IP address: 10.0.1.12/24
 Remove tunnel Interface
 Default route: 10.0.1.1

On the vBond Console

vpn 0
ip route 0.0.0.0/0 10.0.1.1
interface ge0/0
ip address 10.0.1.12/24
no shutdown
no tunnel-interface
commit
Lab 4 - Initializing vBond – GUI
Task 1 – Add vBond to vManage
On vManage navigate to Configuration > Devices > Controllers and click on “Add Controllers”.

Specify the following:

 IP Address: 10.0.1.12
 Username: admin
 Password: admin
 Uncheck “generate CSR”
 Click ok.

Task 2 – Generate CSR for vBond


Navigate to Configuration > Certificates > Controllers > vBond and click on “Generate CSR”

Copy the content and do as in previous Lab for vmange CSR.

After all is finished, add the below on the vmanage console

Config
vpn 0
interface eth0
tunnel-interface
allow-service all
commit

Also add the below to the vBond


Config
vpn 0
interfaces ge0/0
tunnel-interface
allow-service all
encapsulation ipsec
commit

show orchestrator connections

Lab 5 - Initializing vSmart – CLI


Task 1 - Configuring the System Component
Configure the System parameters based on the following:

 Host-name: vsmart-01
 Organization: hilltop
 System-IP: 10.1.1.13
 Site-id: 100
 vBond Address: 10.0.1.12
 Timezone: Africa/Lagos
 Ntp server: 10.0.1.1

On the console of the VSmart

Config
system
host-name vsmart-01
system-ip 10.1.1.13
site-id 100
domain-id 1
organization-name hiltop
clock timezone Africa/Lagos
vbond 10.0.1.12
ntp server 10.0.1.1 prefer vpn 0
commit

Task 2 – Configure the VPN parameters


Configure the VPN parameters based on the following:

VPN 0

 Interface: eth0
 IP address: 10.0.1.13/24
 Remove tunnel Interface
 Default route: 10.0.1.1
On the vSmart console

Config
vpn 0
ip route 0.0.0.0/0 10.0.1.1
interface eth0
ip address 10.0.1.13/24
no shutdown
no tunnel-interface
commit
ping 10.0.1.1

show ntp associations

Lab 8 - Initializing vSmart – GUI


Task 1 – Add vSmart to vManage
On vManage navigate to Configuration > Devices > Controllers and click on “Add Controllers” and
add vsmart

Specify the following:

 IP Address: 10.0.1.12
 Username: admin
 Password: admin
 Uncheck “generate CSR”
 Click ok.
Task 2 – Generate CSR for vSmart
Navigate to Configuration > Certificates > Controllers > vsmart and click on “Generate CSR”

Copy the content and do as in previous Lab for vmange CSR.

After all is finished, add the below on the vsmart console

Config
vpn 0
interfaces eth0
tunnel-interface
allow-service all
commit

You might also like