---------------------------------------------------

! SD-WAN Controllers Configuration:

! (vManage, vSmart and vBond)
---------------------------------------------------

All Controllers are connected to the OOB Switch

OOB Switch is basically a Layer-2 Switch that is
connected to the VMware Mgmt. Network (vSwitch0)

All Controllers have an OOB IP Address (VLAN 512) in our

Lab's Local Network with IP Subnet 192.168.15.0/24

- vManage ==> 192.168.15.51

- vBond ==> 192.168.15.52
- vSmart ==> 192.168.15.53

Default Gateway for Mgmt Network is 192.168.15.254

Therefore, Controllers should have a Default Route

pointing to the Default Gateway:

- ip route 0.0.0.0/0 192.168.15.254

So the Controllers can be accessed from the Desktop

Since the vManage IP Address is 192.168.15.51, to access

vManage's Web Interface we'll need to use this URL:

https://192.168.15.51:8443/

Please keep in mind that the Controllers take a long time

to get fully loaded and ready to operate.

So you won't be able to login to the Controllers and/or

access the Web Interface until they are actually ready,
which could take up to 20 minutes after they are fired up.
-----------------------------------------------------------

- When you configure an SD-WAN Controller for the first time

you'll be asked for the proper Access Credentials

- These are the Default Access Credentials:

User: admin
Pass: admin

- You'll be asked to change the Password.

However, you could keep the same by entering admin again!

- Same Procedure applies to all Controllers (vSmart, vBond, etc.)

- In the specific case of vManage, you'll be the following:

- Select Storage Device to use:

1) hdb - 100GB
2) hdc - 3GB
Type 1 for hdb

- Would you like to Format hdb? (y/n) ==> y

- The Format process will take a while!

- You won't be able to Login until the process completes.

- Check the System Status before trying doing anything else

sh system status

- You'll see this Message when the System is ready:

System state: GREEN. All daemons up

----------------------------------------------------------

VPN ID 0 - In-Band Management Interface

VPN ID 512 - Out-of-Band Management Interface

!======================================================
! vManage
!======================================================
! As mentioned above, the vManage gets assigned this IP:
! 192.168.15.51
!
! Therefore, to access vManage's Web Interface we need
! to use this URL: https://192.168.15.51:8443/
!======================================================
!------------------------------------------------------
! After configure the OOB Interface, we should be
! able to ping to the vManage's IP from the Desktop
!
! If we are able to ping 192.168.15.51, then we are
! ready to access vManage's Web Interface
!------------------------------------------------------

conf t

system
host-name vManage
system-ip 1.1.1.1
site-id 1000
organization-name Ciscoland
vbond 10.1.1.2
exit

!---------------------------------------------
! VPN 0 is the In-Band Management Interface
! eth0 is configured in VPN 0 by default
! But we can change that as seen in the config
!---------------------------------------------
vpn 0
no int eth0
int eth1
no shut
ip add 10.1.1.1/24
 tunnel-interface
! vManage doesn't need: encapsulation ipsec

exit
!
ip route 0.0.0.0/0 10.1.1.254
!
!--------------------------------------------------
! Optionally we can configure DNS & NTP for VPN 0
!
! Our Default Gateway (172.1.0.1) is setup as BOTH:
! DNS & NTP Server! Therefore, we'll use it.
!
! DNS is configured in the VPN 0 section, while the
! NTP Server is configured in the System section
!--------------------------------------------------

system
clock timezone America/New_York
ntp server 172.1.0.1 prefer vpn 0
exit

vpn 0
dns 172.1.0.1
exit

!------------------------------------------------
! VPN 512 is the Out-of-Band Management Interface
! Since we removed eth0 from VPN 0, we can now
! define eth0 inside VPN 512
!------------------------------------------------

vpn 512
interface eth0
ip address 192.168.15.51/24
no shutdown
!
ip route 0.0.0.0/0 192.168.15.254
!
!------------------------------------------------
! Optionally we can configure DNS for VPN 512
! Since we are using a Home-Internet Router as the
! (192.168.15.254) Default Gateway, we can also
! use it as the DNS Server
!------------------------------------------------

vpn 512
dns 192.168.15.254

!------------------------------------------------
! To test it we need to use ping + the proper VPN
! For instance:
!------------------------------------------------

ping vpn 512 192.168.15.254

ping vpn 512 8.8.8.8

ping vpn 512 cisco.com

ping vpn 512 vmware.com
ping vpn 512 google.com

exit

commit and-quit

!------------------------------------------------
! After configure the OOB Inteface, we should be
! able to ping to this IP from the Desktop
!
! If we are able to ping, then we are ready to
! access vManage's Web Interface using this URL:
! https://192.168.15.51:8443/
!------------------------------------------------

********
If it logs commit failed due to:

Aborted: values are not unique: eth0

'vpn 0 interface eth0 if-name'
'vpn 512 interface eth0 if-name'

Delete eth0 on vpn 0 by command:

vpn 0
no interface eth0
commit
********

============================================
! vSmart
============================================

conf t
system
host-name vSmart
system-ip 1.1.1.3
site-id 1000
organization-name Ciscoland
vbond 10.1.1.2
!
!---------------------------------------------
! VPN 0 is the In-Band Management Interface
! eth0 is configured in VPN 0 by default
! But we can change that as seen in the config
!---------------------------------------------
vpn 0
no int eth0
int eth1
no shut
ip add 10.1.1.3/24

tunnel-interface
! vSmart doesn't need: encapsulation ipsec
 exit
!
! Default Router for VPN 0
ip route 0.0.0.0/0 10.1.1.254
!
!---------------------------------------------
! Since we removed eth0 from VPN 0, we can now
! define eth0 inside VPN 512
!------------------------------------------------
!
vpn 512
int eth0
ip add 192.168.15.53/24
no shut
exit
!
! Default Router for VPN 512
ip route 0.0.0.0/0 192.168.15.254
!
!
!--------------------------------------------------
! Optionally we can configure DNS & NTP for VPN 0
!--------------------------------------------------

system
clock timezone America/New_York
ntp server 172.1.0.1 prefer vpn 0
exit

vpn 0
dns 172.1.0.1
exit

commit and-quit

========
! vBond
========
conf t
system
host-name vBond
system-ip 1.1.1.2
site-id 1000
organization-name Ciscoland
vbond 10.1.1.2 local vbond-only
!
!---------------------------------------------
! VPN 0 is the In-Band Management Interface
! ge0/0 is configured in VPN 0 by default
!
! Please notice that in this case of vBond
! there is no need to change the Interface
! from eth0 to eth0!
!
! eth0 is NOT configured in VPN 0 by default!
! The default in vBond is int ge0/0
! Therefore, eth0 can be used for VPN 512
!---------------------------------------------
vpn 0
int ge0/0
no shut
ip add 10.1.1.2/24

tunnel-interface
! vBond does need: encapsulation ipsec!
encapsulation ipsec
exit
!
ip route 0.0.0.0/0 10.1.1.254

vpn 512
int eth0
ip add 192.168.15.52/24
no shut
exit
!
ip route 0.0.0.0/0 192.168.15.254
!
!--------------------------------------------------
! Optionally we can configure DNS & NTP for VPN 0
!--------------------------------------------------

system
clock timezone America/New_York
ntp server 172.1.0.1 prefer vpn 0
exit

vpn 0
dns 172.1.0.1
exit
!
commit and-quit