Configure Devices

You can create and store configurations for all devices—the Cisco SD-WAN Manager systems themselves, Cisco Catalyst SD-WAN Controllers, Cisco Catalyst SD-WAN Validators, and routers— by using Cisco SD-WAN Manager. When the devices start up, they contact Cisco SD-WAN Manager, which then downloads the device configuration to the device. (A device that is starting up first contacts the Cisco Catalyst SD-WAN Validator, which validates the device and then sends it the IP address of Cisco SD-WAN Manager.)

The general procedure for creating configuration for all devices is the same. This section provides a high-level description of the configuration procedure. It also describes the prerequisite steps that must be performed before you can create configurations and configure devices in the overlay network.

Device Configuration Workflow

Devices in the overlay network that are managed by Cisco SD-WAN Manager must be configured from Cisco SD-WAN Manager. The basic configuration procedure is straightforward:

  1. Create feature templates.

    1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

    2. Click Feature Templates, and click Add Templates.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  2. Create device templates.

    1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

    2. Click Device Templates, and click Create Templates.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Attach device templates to individual devices.

    1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

    2. Click Device Templates, and choose a template.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

    3. Click , and select Attach Devices.

Feature Templates

Feature templates are the building blocks of complete configuration for a device. For each feature that you can enable on a device, Cisco SD-WAN Manager provides a template form that you fill out. The form allows you to set the values for all configurable parameters for that feature.

Because device configurations vary for different device types and the different types of routers, feature templates are specific to the type of device.

Some features are mandatory for device operation, so creating templates for these features is required. Also for the same feature, you can create multiple templates for the same device type.


Note

In releases prior to Cisco IOS XE Catalyst SD-WAN Release 17.7.1a, if you enter < or > special characters in a Cisco SD-WAN Manager feature template definition or description, Cisco SD-WAN Manager generates a 500 exception error while attempting to preview a Cisco SD-WAN Manager feature template.

Starting from Cisco IOS XE Catalyst SD-WAN Release 17.7.1a, if you enter < or > special characters in a Cisco SD-WAN Manager feature template definition or description, the special characters are converted to their HTML equivalents, &lt; and &gt;. This applies to all feature templates. You no longer receive a 500 exception error when previewing a Cisco SD-WAN Manager feature template.

Device Templates

You create and store configurations for all devices—the Cisco SD-WAN Manager systems themselves, Cisco Catalyst SD-WAN Controllers, Cisco Catalyst SD-WAN Validators, and routers— by using Cisco SD-WAN Manager. When the devices start up, they contact Cisco SD-WAN Manager, which then downloads the device configuration to the device. (A device that is starting up first contacts the Cisco Catalyst SD-WAN Validator, which validates the device and then sends it the IP address of Cisco SD-WAN Manager.)

Device templates contain complete operational configuration for a device. You create device templates by consolidating individual feature templates.

Each device template is specific for a type of device. For each device type, if multiple devices have the same configuration, you can use the same device template for them. For example, many of the routers in a network might have the same basic configuration, so you can configure them with the same templates. (You specify the differences in the templates using configuration variables, which are discussed below.) If the configurations for the same type of devices are different, you create separate device templates.

You can also create a device template by entering a CLI text-style configuration directly on Cisco SD-WAN Manager. Typically, you upload a text file containing the configuration text (or cut the configuration text from a text file and paste it into Cisco SD-WAN Manager). You can also directly type the configuration text into Cisco SD-WAN Manager.

From Cisco IOS XE Catalyst SD-WAN Release 17.5.1a and Cisco vManage Release 20.5.1, you can review your last edited configuration when your latest configuration is not being pushed to the device. For more information, see Edit a Device Template When a Push Fails.

From Cisco vManage Release 20.5.1, device variable page shows text area instead of text input field to configure CLI device template for the ease of configuration.

Template Variables

Within a feature template, some configuration commands and command options are identical across all device types. Others—such as a device system IP address, its geographic latitude and longitude, the timezone, and the overlay network site identifier—are variable, changing from device to device. When you attach the device template to a device, you are prompted to enter actual values for these command variables. You can do this either manually, by typing the values for each variable and for each device, or you can upload an Excel file in CSV format that contains the values for each device.

Configuration Prerequisites

Security Prerequisistes

Before you can configure any device in the network, that device must be validated and authenticated so that Cisco SD-WAN Manager systems, Cisco Catalyst SD-WAN Controllers, and Cisco Catalyst SD-WAN Validators recognize it as being allowed in the overlay network.

To validate and authenticate the controllers in the overlay network—Cisco SD-WAN Manager, Cisco SD-WAN Controller, and Cisco Catalyst SD-WAN Validators—a signed certificate must be installed on these devices.

To validate and authenticate the routers, you receive an authorized serial number file from Cisco, which lists the serial and chassis numbers for all the routers allowed in your network. Then, you upload the serial number file to Cisco SD-WAN Manager.

Variables Spreadsheet

The feature templates that you create most likely contain variables. To have Cisco SD-WAN Manager populate the variables with actual values when you attach a device template to a device, create an Excel file that lists the variable values for each device and save the file in CSV format.

In the spreadsheet, the header row contains the variable name and each row after that corresponds to a device, defining the values of the variables. The first three columns in the spreadsheet must be the following, in this order:

  • csv-deviceId—Serial number of the device (used to uniquely identify the device). For routers, you receive the serial numbers in the authorized serial number file sent to you from Cisco. For other devices, the serial number is included in the signed certificate you receive from Symantec or from your root CA.

    csv-deviceIP—System IP address of the device (used to populate the system ip address command).

  • csv-host-name—Hostname of the device (used to populate the system hostname command).

You can create a single spreadsheet for all devices in the overlay network—Cisco Catalyst SD-WAN Controllers, Cisco Catalyst SD-WAN Validators, and routers. You do not need to specify values for all variables for all devices.

Create a Device Template from Feature Templates

Device templates define a device's complete operational configuration. A device template consists of a number of feature templates. Each feature template defines the configuration for a particular Cisco Catalyst SD-WAN software feature. Some feature templates are mandatory, indicated with an asterisk (*), and some are optional. Each mandatory feature template, and some of the optional ones, have a factory-default template. For software features that have a factory-default template, you can use either the factory-default template (named Factory_Default_feature-name_Template) or you can create a custom feature template.

Create a Device Template from Feature Templates

To create a device template:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click the Create Template drop-down list, and select From Feature Template.

  4. From the Device Model drop-down list, select the type of device for which you wish to create the template.

    Cisco SD-WAN Manager displays all the feature templates for that device type. The required feature templates are indicated with an asterisk (*), and the remaining templates are optional. The factory-default template for each feature is selected by default.

  5. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  7. To view the factory-default configuration for a feature template, select the desired feature template and click View Template.

  8. Click Cancel to return to the Configuration Template screen.

  9. To create a custom template for a feature, select the desired factory-default feature template and click Create Template. The template form is displayed.

    This form contains fields for naming the template and defining the feature parameters.

  10. In the Template Name field, enter a name for the feature template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  11. In the Description field, enter a description for the feature template.

    This field is mandatory, and it can contain any characters and spaces.

  12. For each field, enter the desired value. You may need to click a tab or the plus sign (+) to display additional fields.

  13. When you first open a feature template, for each parameter that has a default value, the scope is set to Default (indicated by a check mark), and the default setting or value is shown. To change the default or to enter a value, click the scope drop-down list of the parameter field and select one of the following:

    Table 1.

    Parameter Scope

    Scope Description

    Device Specific (indicated by a host icon)

    Use a device-specific value for the parameter. For device-specific parameters, you cannot enter a value in the feature template. You enter the value when you attach a device to a device template.

    When you click Device Specific, the Enter Key box opens. This box displays a key, which is a unique string that identifies the parameter in a CSV file that you create. This file is an Excel spreadsheet that contains one column for each key. The header row contains the key names (one key per column), and each row after that corresponds to a device and defines the values of the keys for that device. You upload the CSV file when you attach a device to a device template. For more information, see Use Variable Values in Configuration Templates.

    To change the default key, type a new string and move the cursor out of the Enter Key box.

    Examples of device-specific parameters are system IP address, hostname, GPS location, and site ID.

    Global (indicated by a globe icon)

    Enter a value for the parameter, and apply that value to all devices.

    Examples of parameters that you might apply globally to a group of devices are DNS server, syslog server, and interface MTUs.

  14. For some groups of parameters, you can mark the entire group as device-specific. To do this, check the Mark as Optional Row check box.

    These parameters are then grayed out so that you cannot enter a value for them in the feature template. You enter the value or values when you attach a device to a device template.

  15. Click Save.

  16. Repeat Steps 6 through 13 to create a custom template for each additional software feature. For details on creating specific feature templates, see the templates listed in Available Feature Templates.

  17. Click Create. The new configuration template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

Another way to create device templates from feature templates is to first create one or more custom feature templates and then create device templates. You can create multiple feature templates for the same feature. For a list of feature templates, see Available Feature Templates.

  1. Click Feature.

  2. Click Add Template.

  3. From Select Devices, select the type of device for which you wish to create a template.

    You can create a single feature template for features that are available on multiple device types. You must, however, create separate feature templates for software features that are available only on the device type you are configuring.

  4. Select the feature template. The template form is displayed.

    This form contains fields for naming the template and fields for defining the required parameters. If the feature has optional parameters, then the template form shows a plus sign (+) after the required parameters.

  5. In the Template Name field, enter a name for the feature template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the feature template.

    This field is mandatory, and it can contain any characters and spaces.

  7. For each required parameter, choose the desired value, and if applicable, select the scope of the parameter. Select the scope from the drop-down list of each parameter's value box.

  8. Click the plus sign (+) from the required parameters to set the values of optional parameters.

  9. Click Save.

  10. Repeat Steps 2 to 9 for each additional feature template you wish to create.

  11. Click Device.

  12. Click the Create Template drop-down list and select From Feature Template.

  13. From the Device Model drop-down list, select the type of device for which you wish to create the device template.

    Cisco SD-WAN Manager displays the feature templates for the device type you selected. The required feature templates are indicated with an asterisk (*). The remaining templates are optional.

  14. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  15. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  16. To view the factory-default configuration for a feature template, select the desired feature template and click View Template.

  17. Click Cancel to return to the Configuration Template screen.

  18. To use the factory-default configuration, click Create to create the device template. The new device template is displayed in the Device Template table. The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

  19. To modify the factory-default configuration, select the feature template for which you do not wish to use the factory-default template. From the drop-down list of available feature templates, select a feature template that you created.

  20. Repeat Step 19 for each factory-default feature template you wish to modify.

  21. Click Create. The new configuration template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

Create a Device CLI Template

To create a device template by entering a CLI text-style configuration directly on the Cisco SD-WAN Manager:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click the Create Template drop-down list and select CLI Template.

  4. From the Device Type drop-down list, select the type of device for which you wish to create the template.

  5. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (–), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  7. In the CLI Configuration box, enter the configuration either by typing it, cutting and pasting it, or uploading a file.

  8. To convert an actual configuration value to a variable, select the value and click Create Variable. Enter the variable name, and click Create Variable. You can also type the variable name directly, in the format {{variable-name}}; for example, {{hostname}}.

  9. Click Add. The new device template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "CLI" to indicate that the device template was created from CLI text.

Manage Device Templates

Table 2. Feature History

Feature Name

Release Information

Description

Support for Draft Mode in Device Template

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Cisco vManage Release 20.5.1

This feature allows you to save the device template configuration changes in Cisco SD-WAN Manager, and then apply these configuration changes to multiple Cisco IOS XE Catalyst SD-WAN devices later. The ability to save configuration changes simplifies generating larger device template configurations and applying them to devices.

Edit a Device Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Edit.

You cannot change the name of a device or feature template when that is attached to a device.


Note

You can edit templates simultaneously from one or more Cisco SD-WAN Manager servers. For simultaneous template edit operations, the following rules apply:

  • You cannot edit the same device or feature template simultaneously.

  • When you are editing a device template, all other feature templates attached to that device template are locked and you cannot perform any edit operations on them.

  • When you are editing a feature template that is attached to a device template, that device template as well as all other feature templates attached to it are locked and you cannot perform any edit operations on them.

Delete a Template

Deleting a template does not remove the associated configuration from devices.

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Delete.

  4. To confirm the deletion of the template, click OK.

Copy a Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Copy.

  4. Enter a new template name and description.

  5. Click Copy.

Edit a CLI Device Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Edit.

  4. Under Device CLI Template, edit the template.

  5. Click Update.

Use Variable Values in Configuration Templates

An overlay network might have multiple devices of the same type that have nearly identical configurations. This situation most commonly occurs with routers when the routers that are located in multiple stores or branch locations provide identical services, but each individual router has its own hostname, IP address, GPS location, and other site-specific properties, such as BGP neighbors. This situation also occurs in a network with redundant controller devices, such as Cisco Catalyst SD-WAN Controllers, which must all be configured with identical policies, and Cisco SD-WAN Manager systems. Again, each controller has its own individual parameters, such as hostname and IP address.

To simplify the configuration process for these devices, you can create a single configuration template that contains both static configuration values and variable values. The static values are common across all the devices, and the variable values apply only to an individual device. You provide the actual values for the variables when you attach the individual device to the device configuration template.

You can configure a variable value for a parameter in a feature configuration template in two ways:

  • Select the parameter scope to be Device Specific—For an individual configuration parameter, select Device Specific to mark the parameter as a variable. Each variable must be identified by a unique text string, which is called a key. When you select Device Specific, an Enter Key box opens and displays the default key. You can use the default key, or you can change it by typing a new string and then moving the cursor out of the Enter Key box.

  • Mark a group of related parameters as optional—For some features in some feature configuration templates, you can mark the entire feature as optional. To mark the feature in this way, click Mark as Optional Row in a section of a feature configuration template. The variable parameters are then dimmed, and you cannot configure values for them in the feature configuration template.

You enter the device-specific values for the variables when you attach the device to the configuration, in one of the following ways:

  • From a file—When you are attaching a template to a device, you load a file to Cisco SD-WAN Manager. This is an Excel file in CSV format that lists all the variables and defines the variable's value for each device.

  • Manually—When you attach a device template to a device, the Cisco SD-WAN Manager prompts you for the values for each of device-specific parameters, and you type in the value for each parameter.


Note

Cisco Catalyst SD-WAN supports up to 500 variables in a template push operation.

Use a File for Variable Parameters

To load device-specific variable values from a file, you create a template variables file. This file is an Excel file in CSV format that lists all the variables in your the configurations of your devices and defines the values for each variable. You create this file offline and then import it into Cisco SD-WAN Manager server when you attach a device configuration to one or more devices in the overlay network.

We recommend that you create a template variables CSV file when your overlay network has more than a small number of Cisco IOS XE Catalyst SD-WAN devices.

CSV File Format

The CSV file is an Excel spreadsheet that contains one column for each variable that is required for the configuration of a device. The header row contains the variable names (one variable per column), and each row after that corresponds to a device and defines the values of the variables for that device.

You can create a single spreadsheet for all devices in the overlay network—Cisco IOS XE Catalyst SD-WAN devices, Cisco SD-WAN Manager systems, Cisco Catalyst SD-WAN Controllers, and Cisco Catalyst SD-WAN Validators—or you can create one spreadsheet for each device type. The system determines the device type from its serial number.

In the spreadsheet, for each device type and for each individual device, you specify values only for the required variables. When you do not need to specify a value for a variable, simply leave that cell blank.

The first three columns in the spreadsheet must be the following items and must be in the order shown:

Column

Column Heading

Description

1

csv-deviceId

Serial number of the device (used to uniquely identify the device). For Cisco IOS XE Catalyst SD-WAN devices, you receive the serial numbers in the authorized serial number file sent to you from Cisco. For other devices, the serial number is included in the signed certificate you receive from Symantec or from your root CA.

2

csv-deviceIP

System IP address of the device (used to populate the system ip address command).

3

csv-host-name

Hostname of the device (used to populate the system hostname command).

The headings for the remaining columns must be unique variable keys that are defined in the Enter Key box of a feature configuration template. These remaining columns can be in any order.

Generate a Skeleton CSV File

You can create a template variables CSV file manually, with the format described in the previous section, or you can haveCisco SD-WAN Manager generate a skeleton CSV file that contains all the required columns and column headings. This generated CSV file has one row for each Cisco device type, and it has the column headings for each of the variables that are required by all the feature templates included in the device configuration. The column heading text corresponds to the key string that identifies a device-specific parameter. Then you populate the rows with values for each variable.

To have Cisco SD-WAN Manager generate a skeleton CSV file:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Feature Templates, and click Add Template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  3. Create the required feature templates for one Cisco IOS XE Catalyst SD-WAN device router, one Cisco Catalyst SD-WAN Controller, one Cisco SD-WAN Manager system, and one Cisco Catalyst SD-WAN Validator.

    In each feature template:

    1. For fields that have default values, verify that you want to use that value for all devices. If you do not want to use the default, change the scope to Global or Device-specific.

    2. For fields that apply to all devices, select the Global icon next to the field and set the desired global values.

    3. For fields that are device specific, select the Device-specific icon next to the field and leave the field blank.

  4. For each Cisco device type, create a device template.

  5. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  6. Click Device Templates, and select the desired device template from the template list table.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  7. Click , and click Export CSV.

  8. Repeat Steps 7 and 8 for each device template.

Edit the exported CSV file, adding at a minimum the device serial number, device system IP address, and device hostname for each device in the overlay network. Then add values for desired device-specific variables for each device. Note that variable names cannot contain forward slashes (/), backwards slashes (\), or parentheses (( )).

If desired, you can combine the CSV files into a single file.

Import a CSV File

To use the device-specific variable values in the CSV file, import the file when you are attaching a device template to the Viptela device:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. For the desired template, click ..., and select Attach Devices.

  4. In the Attach Devices dialog box, select the desired devices in Available Devices and click the arrow to move them to Selected Devices.

  5. Click Attach.

  6. Click the Up arrow. The Upload CSV File box displays.

  7. Choose the CSV file to upload, and click Upload.

During the attachment process, click Import file to load the Excel file. If Cisco SD-WAN Manager detects duplicate system IP addresses for devices in the overlay network, it displays a warning message or a pop-up window. You must correct the system IP addresses to remove any duplicates before you can continue the process of attaching device templates to Viptela devices.

Manually Enter Values for Device-Specific Variables and for Optional Rows

For parameters in a feature template that you configure as device-specific, when you attach a device template to a device, Cisco SD-WAN Manager prompts you for the values to use for these parameters. Entering device-specific values in this manner is useful in test or POC networks, or if you are deploying a small network. This method generally does not scale well for larger networks.

For situations in which the configuration for many devices is identical except for a few parameters, in the feature configuration template, you can specify that the parameter be an optional row in the configuration. By selecting optional row, the feature template automatically marks the parameters as device-specific, and these parameters are dimmed so that you cannot set them in the template. You do not have to individually mark the parameters as device specific. Then, when you attach a device template to a device, Cisco SD-WAN Manager prompts you for the values to use for these parameters. Using optional rows to enter device-specific values is useful when a group of many Cisco IOS XE Catalyst SD-WAN devices provide identical services at their branch or site, but individual routers have their own hostname, IP address, GPS location, and other site or store properties, such as BGP neighbors.

Optional rows are available for some parameters in some feature configuration templates. To treat a parameter or set of parameters as an optional row, click the Mark as Optional Row box. For these types of parameters, the feature configuration template has a table listing all the configured parameters. The Optional column indicates which are optional rows,

To manually enter values for device-specific variables or for variables in optional rows when you attach the template to a device:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and select the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices. The Attach Devices dialog box opens.

  4. Choose one or more devices from Available Devices and move them to Selected Devices.

  5. Click Attach.

  6. In the Chassis Number list, select the desired device.

  7. Click , and click Edit Device Template. The Update Device Template dialog box opens.

  8. Enter values for the optional parameters. When you are using optional rows, if you do not want to include the parameter for the specific device, do not specify a value.

  9. Click Update.

  10. Click Next.

    If any devices have the same system IP address, a dialog box appears or an error message is displayed when you click Next. Modify the system IP addresses so that there are no duplicates, and click Save. Then click Next again.


    Note

    You need to shut down the OMP on the device, before changing the system-ip on the device.

  11. In the left pane, select the device. The right pane displays the device configuration and the Config Preview tab in the upper right corner is selected.

  12. Click Config Diff to preview the differences between this configuration and the configuration currently running on the device, if applicable. To edit the variable values entered in the previous screen, click Back.

  13. Click Configure Devices to push the configuration to the devices.

    The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to the left of the row to display details of the push operation.

View Device Templates

View a Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and then click View.

View Device Templates Attached to a Feature Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Feature Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  3. Click , and click Show Attached Device Templates.

    Device Templates dailog box opens, displaying the names of the device templates to which the feature template is attached.

View Devices Attached to a Device Template

For a device template that you created from feature templates:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices.

  4. From Attach Devices, click Attached Devices.

For a device template that you created from a CLI template:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and then click Show Attached Devices.

Attach and Detach a Device Template

To configure a device on the network, you attach a device template to the device. You can attach only one device template to a device, so the template—whether you created it by consolidating individual feature templates or by entering a CLI text-style configuration—must contain the complete configuration for the device. You cannot mix and match feature templates and CLI-style configurations.

On Cisco IOS XE Catalyst SD-WAN devices in the overlay network, you can perform the same operations, in parallel, from one or more Cisco SD-WAN Manager servers. You can perform the following template operations in parallel:

  • Attach a device template to devices

  • Detach a device template from a device

  • Change the variable values for a device template that has devices attached to it

For template operations, the following rules apply:

  • When a device template is already attached to a device, you can modify one of its feature templates. Then when you click Update > Configure Devices, all other template operations—including attach devices, detach devices, and edit device values—are locked on all Cisco SD-WAN Manager servers until the update operation completes. This means that a user on another Cisco SD-WAN Manager server cannot perform any template operations until the update completes.

  • You can perform the attach and detach device template operations on different devices, from one or more Cisco SD-WAN Manager servers, at the same time. However, if any one of these operations is in progress on one Cisco SD-WAN Manager server, you cannot edit any feature templates on any of the servers until the attach or detach operation completes.


Note

You need to recreate the feature templates as the templates created prior to Cisco vManage Release 20.5 fails when attached to the device.

If the device being configured is present and operational on the network, the configuration is sent to the device immediately and takes effect immediately. If the device has not yet joined the network, the pushing of the configuration to the device is scheduled. When the device joins the network, Cisco SD-WAN Manager pushes the configuration immediately after it learns that the device is present in the network.

Attach a Device Template to Devices

You can attach the same templates to multiple devices, and you can do so simultaneously, in a single operation.

To attach a device template to one or more devices:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates and select the desired template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices. The Attach Devices dialog box opens with the Select Devices tab selected

  4. In the Available Devices column on the left, select a group and search for one or more devices, select a device from the list, or click Select All.

  5. Click the arrow pointing right to move the device to the Selected Devices column on the right.

  6. Click Attach.

  7. If the template contains variables, enter the missing variable values for each device you selected in one of the following ways:

    • Enter the values manually for each device either in the table column or by clicking ... and Edit Device Template. When you are using optional rows, if you do not want to include the parameter for the specific device, do not specify a value.

    • Click Import File to upload a CSV file that lists all the variables and defines each variable's value for each device.

  8. Click Update

  9. Click Next.

    If any devices have the same system IP address, a dialog box appears or an error message is displayed when you click Next. Modify the system IP addresses so that there are no duplicates, and click Save. Then click Next again.

  10. In the left pane, select the device, to preview the configuration that is ready to be pushed to the device. The right pane displays the device's configuration and the Config Preview tab is selected. Click the Config Diff tab to view the differences between this configuration and the configuration currently running on the device, if applicable. Click the Back button to edit the variable values entered in the previous screen.

  11. If you are attaching a Cisco IOS XE Catalyst SD-WAN device, click Configure Device Rollback Timer to configure the time interval at which the device rolls back to its previous configuration if the router loses its control connection to the overlay network. The Configure Device Rollback Time dialog box is displayed.

    1. From the Devices drop-down list, select a device.

    2. To enable the rollback timer, in the Set Rollback slider, drag the slider to the left to enable the rollback timer. When you do this, the slider changes in color from gray to green.

    3. To disable the rollback timer, click the Enable Rollback slider. When you disable the timer, the Password field dialog box opens. Enter the password that you used to log in to Cisco SD-WAN Manager.

    4. In the Device Rollback Time slider, drag the slider to the desired value. The default time is 5 minutes. You can configure a time from 6 to 15 minutes.

    5. To exclude a device from the rollback timer setting, click Add Exception and select the devices to exclude.

    6. The table at the bottom of the Configure Device Rollback Time dialog box lists all the devices to which you are attaching the template and their rollback time. To delete a configured rollback time, click the Trash icon from the device name.

    7. Click Save.

  12. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to display details of the push operation.

Export a Variables Spreadsheet in CSV Format for a Template

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates and select the desired template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Export CSV.

Determine Why a Device Rejects a Template

When you attach a template to a device using the screen, the device might reject the template. One reason that this may occur is because the device template contains incorrect variable values. When a device rejects a template, it reverts to the previous configuration.

To determine why the device rejected the template:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Locate the device. The Template Status column indicates why the device rejected the template.

Edit a Device Template When a Push Fails

Table 3. Feature History

Feature Name

Release Information

Description

Retrieve Last Edited Configuration

Cisco IOS XE Catalyst SD-WAN Release 17.5.1a

Cisco vManage Release 20.5.1

This feature allows you to review the last edited configuration when a configuration push to the device fails. A copy of the last edited configuration is saved and can be retrieved to allow edits to the configuration before the next push.

If you pushed a configuration to a device, and if the push fails, you can review the configuration you last edited to identify any issues that caused a failure in pushing the configuration to the device.

Prerequisites

To review your last edited configuration, a device template must be attached to a device.

Review Last Edited Configuration in Cisco SD-WAN Manager

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and choose a device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click ..., and choose Edit.

    The CLI Configuration box displays the current running configuration on the device.

  4. Click Load Last Attempted Config to view the last edited configuration.

  5. Click Config Diff to view the differences in the current configuration versus the last edited configuration. The Config Diff option is available when you modify the configuration or when you click Load Last Attempted Config.

  6. Click Config Preview.


    Note

    Load Last Attempted Config and the Config Diff option is available only when the configuration is not being pushed to the device.

  7. Click Update.

  8. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click > to view the details of the push operation.

Change the Device Rollback Timer

By default, when you attach a Cisco IOS XE Catalyst SD-WAN device to a configuration template, if the router is unable to successfully start after 5 minutes, it returns to, or rolls back to, the previous configuration. For a configuration that you have created from the CLI, you can change the device's rollback timer:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and choose a device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Change Device Values.

    The right pane displays the device's configuration, and the Config Preview tab is selected.

  4. In the left pane, click the name of a device.

  5. Click Configure Device Rollback Timer. The Configure Device Rollback Time pop up page is displayed.

  6. From the Devices drop-down list, select a device.

  7. To enable the rollback timer, in the Set Rollback slider drag the slider to the left to enable the rollback timer. When you do this, the slider changes in color from gray to green.

  8. To disable the rollback timer, click Enable Rollback slider. When you disable the timer, the Password field dialog box appears. Enter the password that you used to log in to Cisco SD-WAN Manager.

  9. In the Device Rollback Time slider, drag the slider to the desired value. The default time is 5 minutes. You can configure a time from 6 to 15 minutes.

  10. To exclude a device from the rollback timer setting, click Add Exception and select the devices to exclude.

  11. The table of the Configure Device Rollback Time dialog box lists all the devices to which you are attaching the template and their rollback time. To delete a configured rollback time, click the Trash icon of the device name.

  12. Click Save.

  13. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click (+) to display details of the push operation.

Preview Device Configuration and View Configuration Differences

For a configuration that you have created from the CLI:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and choose the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click ..., and click Change Device Values.

    The right pane displays the device's configuration, and Config Preview is selected.

  4. Click the name of a device.

  5. Click Config Diff to view the differences between this configuration and the configuration currently running on the device, if applicable. Click Back to edit the variable values entered in the previous screen.

  6. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to display details of the push operation.

Change Variable Values for a Device

For a configuration that you have created from device configuration templates, if the templates contain variables, Cisco SD-WAN Manager can automatically populate the variables with actual values when you attach the templates to the devices. To do this, you create an Excel file that lists the variable values for each device and save the file in CSV format. You can also enter values for these variables manually.

After you have pushed the configuration to a device, you can change the value assigned to any variable:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates, and choose the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click ..., and click Change Device Values.

    The screen displays a table of all the devices that are attached to that device template.

  4. For the desired device, click ..., and click Edit Device Template.

  5. In the Update Device Template dialog box, enter values for the items in the variable list.

  6. Click Update.

  7. Click Next.

  8. Click Configure Devices to push the configuration to the device. The Status column displays if the configuration was successfully pushed or not. Click the right angle bracket to display the details of the push operation.

Default Device Templates

Table 4. Feature History

Feature Name

Release Information

Description

Default Device Templates

Cisco IOS XE Catalyst SD-WAN Release 17.2.1r

A default device template provides basic information that you can use to bring up devices in a deployment quickly.

This feature is supported on the Cisco Cloud Services Router 1000V Series, Cisco C1111-8PLTELA Integrated Services Routers, and Cisco 4331 Integrated Services Routers.

A default device template provides basic information that you can use to bring up devices in a deployment. It provides a way for you to quickly provision devices with the minimum information that they need to operate in your network.

You cannot directly edit or update information in a device default template, but you can copy the template and then edit the copy.

To use a default device template:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. From the Template Type drop-down list, select Default.

    A list of default device templates displays.

  4. Perform any of these actions:

    • To attach a default device template to devices, click ..., and select Attach Devices.

      In the Attach Devices dialog box, select the devices that you want attach, and then click Attach.

    • To view the configuration settings for a default device template, click ..., and choose View.

    • To copy a default device template, click ..., and choose View.

      In the Template Copy dialog box, enter a unique name and a description for the copy that you are creating, and then click Copy.

      The copied version becomes a feature template that you can edit.

    • To create an Excel file in CSV format that contains device-specific settings from a device template, click ..., and choose Export CSV. Use the dialog box that displays to open or save the CSV file.

      You can use this CSV file as a reference for device-specific settings when you create other device templates.

Configuring Devices using Cisco SD-WAN Manager

Use the Devices screen to add and delete devices, toggle the mode of a device between CLI and Cisco SD-WAN Manager, upload the WAN Edge Serial number file, export bootstrap configuration and, and perform other device-related tasks.

1

Menu

2

CloudExpress

3

Tasks

4

Alarms

5

Help

6

User Profile

Change Configuration Modes

A device can be in either of these configuration modes:

  • Cisco SD-WAN Manager mode–A template is attached to the device and you cannot change the configuration on the device by using the CLI.

  • CLI mode – No template is attached to the device and the device can be configured locally by using the CLI.

When you attach a template to a device from Cisco SD-WAN Manager, it puts the device in Cisco SD-WAN Manager mode. You can change the device back to CLI mode if needed to make local changes to its configuration.

To toggle a router from Cisco SD-WAN Manager mode to CLI mode:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List, and select a device.

  3. Click the Change Mode drop-down list and select CLI mode.


Note

Starting from Cisco IOS XE SD-WAN Release 17.11.1a, click the ... icon adjacent to the device that you want to change from Cisco SD-WAN Manager mode to the CLI mode and click Config Lock (Provision Device).

The Config Lock (Provision Device) option appears only if a template is attached to the device or if a configuration group is deployed to the device.

An SSH window opens. To log in to the device, enter a username and password. You can then issue CLI commands to configure or monitor the device.

To toggle a controller device from Cisco SD-WAN Manager mode to CLI mode:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers, and select a device.


    Note

    Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click the Change Mode drop-down list.

  4. Select CLI mode and then select the device type. The Change Mode - CLI window opens.

  5. From the Manager mode pane, select the device and click the right arrow to move the device to the CLI mode pane.

  6. Click Update to CLI Mode.

An SSH window opens. To log in to the device, enter a username and password. You can then issue CLI commands to configure or monitor the device.


Note

Starting from Cisco IOS XE SD-WAN Release 17.11.1a, click the ... icon adjacent to the device that you want to change from Cisco SD-WAN Manager mode to the CLI mode and click Config Lock (Provision Device).

The Config Lock (Provision Device) option appears only if a template is attached to the device or if a configuration group is deployed to the device.

Upload WAN Edge Router Authorized Serial Number File

Table 5. Feature History

Feature Name

Release Information

Description

Remove Certificate SUDI requirement

Cisco IOS XE Catalyst SD-WAN Release 17.3.1a

Cisco vManage Release 20.3.1

This feature allows you to use a subject SUDI serial number instead of a certificate serial number to add a device to a Cisco Catalyst SD-WAN overlay network.

The WAN eEdge router authorized serial number file contains, as applicable, the subject SUDI serial number, the chassis number, and the certificate serial numbers of all valid Cisco IOS XE Catalyst SD-WAN devices in the overlay network. You retrieve a serial number file from the Cisco Plug-and-Play (PnP) portal and upload it to Cisco SD-WAN Manager. (For more information abou Cisco PnP, see Cisco Plug and Play Support Guide for Cisco Catalyst SD-WAN Products.) From Cisco SD-WAN Manager, you send the file to the controllers in the network. This file is required to allow the Cisco Catalyst SD-WAN overlay network components to validate and authenticate each other and to allow the overlay network to become operational.

To upload the WAN edge router authorized serial number file to Cisco SD-WAN Manager and then download it to controllers in the network:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List, and click Upload WAN Edge List.

  3. Under Upload WAN Edge List screen:

    1. Click Choose File and select the WAN edge router authorized serial number file you received from Cisco PnP.

    2. To automatically validate the routers and send their chassis and serial numbers to the controllers, ensure that the Validate the uploaded vEdge List and send to controllers check box is selected. If you do not select this option, you must individually validate each router in Configuration > Certificates > WAN Edge List.

    3. Click Upload.

A list of routers in the network is displayed in the router table, with details about each router.

Starting from Cisco vManage Release 20.9.2, you can monitor the newly added WAN Edge devices in the Monitor > Devices page.

Upload WAN Edge Router Serial Numbers from Cisco Smart Account

To allow Cisco Catalyst SD-WAN overlay network components to validate and authenticate each other and to allow the overlay network to become operational, Cisco Catalyst SD-WAN requires chassis numbers of all valid Cisco IOS XE Catalyst SD-WAN devices in the overlay network.

In addition, certificate serial numbers, subject SUDI serial numbers, or both numbers are required for all devices.

To upload the WAN edge router authorized serial numbers from a Cisco Smart account to Cisco SD-WAN Manager and then download it to all the controllers in the overlay network:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List, and click Sync Smart Account.

  3. In the Sync Smart Account window:

    1. Enter the Username and Password for your Smart account.

    2. To automatically validate the routers and send their chassis and serial numbers to the controllers, check the Validate the Uploaded WAN Edge List and Send to Controllers check box. If you do not select this option, you must individually validate each router in Configuration > Certificates > WAN Edge List.

    3. Click Sync.

A list of routers in the network is displayed in the router table, with details about each router.

Starting from Cisco vManage Release 20.9.2, you can monitor the newly added WAN Edge devices in the Monitor > Devices page.

Export Device Data in CSV Format

In an overlay network, you might have multiple devices of the same type that have identical or effectively identical configurations. For example, in a network with redundant Cisco Catalyst SD-WAN Controllers, each controller must be configured with identical policies. Another example is a network with Cisco IOS XE Catalyst SD-WAN devices at multiple sites, where each Cisco IOS XE Catalyst SD-WAN device is providing identical services at each site.

Because the configurations for these devices are essentially identical, you can create one set of feature templates, which you then consolidate into one device template that you use to configure all the devices. You can create an Excel file in CSV format that lists the variables and defines each device specific variable value for each device. Then you can load the file when you attach a device template to a device.

To export data for all devices to a file in CSV format, click the Export icon. This icon, which is a downward-pointing arrow, is located to the right of the filter criteria both in the WAN Edge List and in the Controllers tab.


Note

Starting from Cisco IOS XE Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

Cisco SD-WAN Manager downloads all data from the device table to an Excel file in CSV format.

View and Copy Device Configuration

View a Device's Running Configuration

Running configuration is configuration information that Cisco SD-WAN Manager obtains from the memory of a device. This information can be useful for troubleshooting.

To view a device's running configuration:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.


    Note

    Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Running Configuration.

View a Device's Local Configuration

Local configuration is configuration that Cisco SD-WAN Manager has stored for a device. This information can be useful for troubleshooting or for determining how to access a device if, for example, a device is not reachable from Cisco SD-WAN Manager.

To view a device's local configuration created using Configuration ► Templates:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.


    Note

    Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Local Configuration.

Copy Router Configuration

When you are replacing one router at a site with another router, you copy the old router's configuration to the new router. Then you remove the old router from the network and add the new one.

To copy the configuration from the old router to the new router:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Certificates.

  2. Mark the new Cisco IOS XE Catalyst SD-WAN device as invalid.

  3. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  4. Under WAN Edge List, select the old router.

  5. Click , and click Copy Configuration.

  6. In the Copy Configuration window, select the new router.

  7. To confirm the copy of the configuration, click Update.

After you have copied the configuration to the new router, you can add the new router to the network. First, delete the old router from the network, as described below. Then add the new router to the network:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Certificates.

  2. Mark the new router as valid.

  3. Click Send to Controller.

Delete a WAN Edge Router

Delete a router if you need to remove it from your deployment. Doing so removes from the WAN edge router serial number list any of the following items that are stored for the router:

  • Chassis number

  • Certificate serial number

  • Subject SUDI serial number


Note
Deleting a router also permanently removes the router configuration from Cisco SD-WAN Manager.

To delete a router:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Certificates.

  2. Mark the WAN Edge router as invalid.

  3. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  4. Click WAN Edge List, and select the router.

  5. Click ..., and click Delete WAN Edge.

  6. To confirm deletion of the device, click OK.

  7. From the Cisco SD-WAN Manager menu, choose Configuration > Certificates.

  8. Click Send to Controller.

Decommission a Cloud Router

Decommissioning a cloud router (such as a Cisco Cloud Services Router 1000V) removes the device's serial number from Cisco SD-WAN Manager and generates a new token for the device. To do so:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List, and select a cloud router.

  3. Click , and click Decommission WAN Edge.

  4. To confirm the decommissioning of the router, click OK.

View Template Log and Device Bringup

View Log of Template Activities

A log of template activities contains information that relates to creating, editing, and deleting configuration templates, and the status of attaching configuration templates to devices. This information can be useful for troubleshooting.

To view a log of template activities:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.


    Note

    Starting from Cisco IOS XE Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Template Log.

View Status of Device Bringup

You can view the status of the operations involved in bringing a router or controller up in the overlay network. This information can help you monitor these operations.

To view the status of a device bringup:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.


    Note

    Starting from Cisco IOS XE Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Device Bring Up.

Add a Cisco SD-WAN Validator

A Cisco Catalyst SD-WAN Validator automatically orchestrates connectivity between Cisco IOS XE Catalyst SD-WAN devices and Cisco SD-WAN Manager. If any Cisco IOS XE Catalyst SD-WAN device or Cisco Catalyst SD-WAN Controller is behind a NAT, the Cisco Catalyst SD-WAN Validator also serves as an initial NAT-traversal orchestrator. To add a Cisco Catalyst SD-WAN Validator:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers.


    Note

    Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN.

  3. Click Add Validator.

  4. In the Add Validator window:

    1. Enter Validator Management IP Address of the Cisco SD-WAN Validator.

    2. Enter the Username and Password to access the Cisco SD-WAN Validator.

    3. To allow the certificate-generation process to occur automatically, check the Generate CSR check box.

    4. Click Add.

  5. Repeat Steps 2, 3 and 4 to add additional Cisco Catalyst SD-WAN Validators.

The new Cisco Catalyst SD-WAN Validator is added to the list of controllers in the Controllers screen.

Configure Cisco SD-WAN Controllers

Add a Cisco SD-WAN Controller

After the Cisco Catalyst SD-WAN Validator authenticates Cisco IOS XE Catalyst SD-WAN devices, the Cisco Catalyst SD-WAN Validator provides Cisco IOS XE Catalyst SD-WAN devices information that they need to connect to the Cisco Catalyst SD-WAN Controller. A Cisco Catalyst SD-WAN Controller controls the flow of data traffic throughout the network via data and app-route policies. To configure Cisco Catalyst SD-WAN Controllers:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers.


    Note

    Cisco IOS XE Catalyst SD-WAN Release Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click Add Controller.

  4. In the Add Controller window:

    1. Enter the system IP address of the Cisco Catalyst SD-WAN Controller.

    2. Enter the username and password to access the Cisco Catalyst SD-WAN Controller.

    3. Select the protocol to use for control-plane connections. The default is DTLS. The DTLS (Datagram Transport Layer Security) protocol is designed to provide security for UDP communications.

    4. If you select TLS, enter the port number to use for TLS connections. The default is 23456.

      The TLS (Transport Socket Layer) protocol that provides communications security over a network.

    5. Check the Generate CSR check box to allow the certificate-generation process to occur automatically.

    6. Click Add.

  5. Repeat Steps 2, 3 and 4 to add additional Cisco Catalyst SD-WAN Controllers. Cisco SD-WAN Manager can support up to 20 Cisco Catalyst SD-WAN Controllers in the network.

The new Cisco Catalyst SD-WAN Controller is added to the list of controllers in the Controllers screen.

Edit Controller Details

Editing controller details lets you update the IP address and login credentials of a controller device. To edit controller details:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.


    Note

    Cisco IOS XE Catalyst SD-WAN Release Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Edit.

  4. In the Edit window, edit the IP address and the login credentials.

  5. Click Save.

Delete a Controller

Deleting a controller removes it from the overlay. Delete a controller it if you are replacing it or if you no longer need it in your network.

To delete a controller:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.


    Note

    Cisco IOS XE Catalyst SD-WAN Release Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Invalidate.

  4. To confirm the removal of the device and all its control connections, click OK.

Configure Reverse Proxy on Controllers

To configure reverse proxy on an individual Cisco SD-WAN Manager and Cisco Catalyst SD-WAN Controller:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.


    Note

    Cisco IOS XE Catalyst SD-WAN Release Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.

  3. Click , and click Add Reverse Proxy.

    The Add Reverse Proxy dialog box is displayed.

  4. Click Add Reverse Proxy.

  5. Configure the private IP address and port number for the device. The private IP address is the IP address of the transport interface in VPN 0. The default port number is 12346. This is the port used to establish the connections that handle control and traffic in the overlay network.

  6. Configure the proxy IP address and port number for the device, to create the mapping between the private and public IP addresses and port numbers.

  7. If the Cisco SD-WAN Manager NMS or Cisco Catalyst SD-WAN Controller has multiple cores, repeat Steps 5 and 6 for each core.

  8. Click Add.

To enable reverse proxy in the overlay network, from the Cisco SD-WAN Manager menu, choose Administration > Settings. Then Proxy. Go to Reverse Proxy, and enable Reverse Proxy. Click Save.

Create a UCS-E Template

Table 6. Feature History

Feature Name

 Release Information Feature Description

Create a UCS-E Template

Cisco IOS XE Catalyst SD-WAN Release 16.12.1b

 This feature allows you to connect a UCS-E interface with a UCS-E server through the interface feature template.
For more information about the Cisco Unified Computing System (UCS) E-Series Servers, see the Cisco UCS E-Series Servers and the Cisco UCS E-Series Network Compute Engine Hardware Installation Guide.

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Templates.

  2. Click Feature Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  3. Click Add Template.

  4. Select a Cisco IOS XE Catalyst SD-WAN device from the list.

  5. From the Other Templates section, click UCSE.

    The UCSE Feature template opens. The top of the form contains fields for naming the template, and the bottom contains fields for configuring the Integrated Management Controller (IMC).

  6. In the Template Name field, enter a name for the template.

    The name can be up to 128 characters and can contain only alphanumeric characters.

  7. In the Description field, enter a description of the template.

    The description can be up to 2048 characters and can contain only alphanumeric characters.

Configure Bay and Slot for Template

Click the Basic Configuration tab to configure the bay and the slot for the template.

Parameter Name

Description

Bay

Specify the number for the SAS drive bays.

Slot

Specify the slot numbers for the mezzanine adapters.

IMC Configuration

Click the IMC tab to configure the IMC parameters for the template.

Parameter Name

Description

Access Port

Configure the interface as an access port. You can configure only one VLAN on an access port, and the port can carry traffic for only one VLAN.

Not all hardware models have a dedicated access port. See the Release Notes for your Cisco Catalyst SD-WAN release for the supported hardware.

Available options:

  • Dedicated

  • Shared

    The type of port, GE or TE, depends on the hardware model.

    For example:

    Router(config-ucse)#imc access-port shared-lom ?
GE1 GE1
TE2 TE2
TE3 TE3
console Console
failover Failover

    Some hardware models have GE ports whereas some have TE ports.

    Depending on the hardware module, the appropriate port (GE or TE) needs to be configured. Otherwise you will get an error.

  • You can obtain the UCS-E module hardware model type by using the following commands:

    show inventory

    show platform

  • Failover - sub-option under Shared.

    For example:

    Router(config)#ucse subslot 1/0
    Router(config-ucse)#imc access-port ?
MGMT MGMT Interface
shared-lom Shared LOM
    Router(config-ucse)#imc access-port shared-lom ?
GE1 GE1
TE2 TE2
TE3 TE3
console Console
failover Failover

IPv4 Address

Provide the UCS-E management port address.

Default Gateway

Gateway tracking determine, for static routes, whether the next hop is reachable before adding that route to the device’s route table.

Default: Enabled.

VLAN ID

Provide the VLAN number, which can be a value from 1 through 4094.

Assign Priority

Assign the priority.

Parameter Scope

Scope Description

Global (indicated by a globe icon)

Enter a value for the parameter and apply that value to all devices.

Device Specific (indicated by a host icon)

Use a device-specific value for the parameter.

For device-specific parameters, you cannot enter a value in the feature template. You enter the value when you attach a Cisco Catalyst SD-WAN device to a device template.

When you click Device Specific, the Enter Key box opens. This box displays a key, which is a unique string that identifies the parameter in a CSV file that you create. This file is an Excel spreadsheet that contains one column for each key. The header row contains the key names (one key per column), and each row after that corresponds to a device and defines the values of the keys for that device. You upload the CSV file when you attach a Cisco Catalyst SD-WAN device to a device template.

To change the default key, type a new string and move the cursor out of the Enter Key box.

Default

When Default is selected, this field is not enabled.