Please note that his post is just about deploying the Cisco SD-WAN components in EVE-NG hence concepts are not discussed.
Following is the lab used in this post.
vSmart version used in this lab is 20.7.1
After bootup, you can console it and it will ask to change the password where the default username and passwords are both "admin".
According to the lab diagram, following are the configuration needed. It is just like the Cisco CLI
!
organization-name is very important as all the controllers, edges and the controller profile in smart account also need to match.
site-id should also be same in all controllers in order to sync/work.
eth0 is the default interface configured for VPN0 (the underlay VPN), you can allow all services or just limit to sshd, https etc only.
10.10.10.1 which is the default route is inside the Site-1 Core Switch as a VLAN interface.
Now let's add the vSmart to vManage
Additionally you can test by CLI command "show control connections"
After bootup, you can console it and it will ask to change the password where the default username and passwords are both "admin".
According to the lab diagram, following are the configuration needed. It is just like the Cisco CLI
!
config t
!
system
host-name vSmart
system-ip 10.1.1.103
organization-name TEST-ORG1
site-id 100
vbond 10.10.10.20
clock timezone Asia/Colombo
!
vpn 0
!
system
host-name vSmart
system-ip 10.1.1.103
organization-name TEST-ORG1
site-id 100
vbond 10.10.10.20
clock timezone Asia/Colombo
!
vpn 0
ip route 0.0.0.0/0 10.10.10.1
interface eth0
ip address 10.10.10.30/24
no shut
tunnel-interface
allow-service all
interface eth0
ip address 10.10.10.30/24
no shut
tunnel-interface
allow-service all
commit
!
!
Key Things to Note:-
system-ip is just an ID, which does not need to be routed. It is there to identify the device and it's just a number like OSPF router-id.organization-name is very important as all the controllers, edges and the controller profile in smart account also need to match.
site-id should also be same in all controllers in order to sync/work.
eth0 is the default interface configured for VPN0 (the underlay VPN), you can allow all services or just limit to sshd, https etc only.
10.10.10.1 which is the default route is inside the Site-1 Core Switch as a VLAN interface.
Now let's add the vSmart to vManage
Go to Configuration > Devices
Select "Controllers"
Add Controller
Select vSmart and give the VPN0 interrface IP address as Management IP and username and password
tick the Generate CSR and hit Add""
Now Go to Configuration > Certificates
Select controllers
Click on the 3 dots at the right side of the controller and select Generate CSR
Download the CSR and send it to CA Server to get it signed..
After you have it signed, you can Go to Configuration > Certificates again and hit "Install Certificate"
and paste the certificate content as text to install the certificate.
After few seconds, the status will turn to green with a Success..
Additionally you can test by CLI command "show control connections"
No comments:
Post a Comment