Following is the lab used in this post.
vBond in EVE-NG is the same image as vEdge and the version used in this lab is 20.7.1
After bootup, you can console it and it will ask to change the password where the default username and passwords are both "admin".
According to the lab diagram, following are the configuration needed.
It is just like the Cisco CLI
!
config t
!
system
host-name vBond
system-ip 10.1.1.102
organization-name TEST-ORG1
site-id 100
vbond 10.10.10.20 local
clock timezone Asia/Colombo
!
vpn 0
ip route 0.0.0.0/0 10.10.10.1
interface ge0/0
ip address 10.10.10.20/24
no shut
tunnel-interface
encapsulation ipsec
allow-service all
commit
!
Key Things to Note:-
system-ip is just an ID, which does not need to be routed. It is there to identify the device and it's just a number like OSPF router-id.
organization-name is very important as all the controllers, edges and the controller profile in smart account also need to match.
ge0/0 is the default interface configured for VPN0 (the underlay VPN), you can allow all services or just limit to sshd, https etc only.
site-id should also be same in all controllers in order to sync/work.
"local" keyword specifies that this is the vBond itself.
Now let's add the vBond to vManage
Go to Configuration > Devices
Select "Controllers"
Add Controller
Select vBond and give the VPN0 interrface IP address as Management IP and username and password
tick the Generate CSR and hit Add""
Now Go to Configuration > Certificates
Select controllers
Click on the 3 dots at the right side of the controller and select Generate CSR
Download the CSR and send it to CA Server to get it signed..
After you have it signed, you can Go to Configuration > Certificates again and hit "Install Certificate"
and paste the certificate content as text to install the certificate.
After few seconds, the status will turn to green with a Success..
Additionally you can test by CLI command "show control connections"
No comments:
Post a Comment