Establishing DTLS Tunnel with vManage
Before you begin
To establish a DTLS channel with vManage, vDaemon is integrated on NFVIS
Note |
The device is vManaged and hence any configurations done out-of-band is overwritten by vManage. The show commands continue to work in the same way. |
Note |
If CSP devices are already added into PnP Connect, skip the instructions that are mentioned from steps 1 to 5 in topic, and perform instructions from step 6. |
Note |
If CSP devices are already added into vManage, perform instructions from step 13. |
Procedure
Step 1 |
Get access to PnP devices and log into Plug and Play Connect. |
||
Step 2 |
Create a virtual account. See the Plug and Play Connect Configuration Guide for more information about creating a virtual account. |
||
Step 3 |
In the virtual account, create a vbond controller.
|
||
Step 4 |
In the Add Controller Profile window, provide information about Organization Name, vbond IP address, root CA, and other information. Click Next. |
||
Step 5 |
Go to the Devices tab, add your device by using PID and serial number. Assign the vbond profile that is created in step 3 to the device.
|
||
Step 6 |
Your device should have DNS servers with connections to Plug and Play Connect. |
||
Step 7 |
Verify PnP status to determine if redirection is successful. Use the |
||
Step 8 |
Go to Plug and Play Connect screen and verify if status is displayed as "Redirect Successful". |
||
Step 9 |
To ensure that VPN configuration are present on NFVIS, use the |
||
Step 10 |
To ensure that Organization name and vbond IP address have been configured, use the |
||
Step 11 |
To ensure that root ca have been installed, use the |
||
Step 12 |
Upload WAN edge list into vManage. For more information, see Add Cloud OnRamp for Colocation Devices into vManage in Cisco SD-WAN Cloud OnRamp for Colocation Solution Guide. |
||
Step 13 |
In vManage, go to Configure & Provision Cluster button. For more information, see Create and Activate Network Hub Cluster in Cisco SD-WAN Cloud OnRamp for Colocation Solution Guide. screen. Create a new cluster by clicking the |
||
Step 14 |
After activating the cluster, get the token that you had noted while adding devices into vManage, and then request an activate command on NFVIS. Use the following NFVIS command: Example:
nfvis# request activate chassis-number CSP-5444-X2-FCH2118V0CY token f3117c35c3206f4adfab5ced0d57db44
|
||
Step 15 |
Verify that your system IP address has been configured, VNFs to be run on CSPs such as CSR 1000v, vEdge are already installed, and connections are working. For verification, use the following NFVIS commands: Example:
|
||
Step 16 |
If connections are not running, use the following NFVIS history command to debug: Example:
nfvis# show control connections-history
|