Brownfield Validation Messages
This chapter contains the following sections:
Adding Greenfield and Brownfield Devices to Cisco IWAN
The Cisco IWAN application (IWAN app) can add “greenfield” or “brownfield” devices to the IWAN network.
“Greenfield” refers to new, unconfigured devices. Because these devices do not have any pre-existing configuration, there are no conflicts when bringing them into the IWAN network and configuring them using the IWAN app.
“Brownfield” refers to devices that belong to existing sites that are being added to an IWAN network. They may have pre-existing configurations to synchronize with IWAN-based configuration, and these existing configurations may cause conflicts.
Validation
While provisioning a brownfield device, the IWAN app performs a validation to determine whether any configuration conflicts exist. It reports the conflicts in two categories:
- Errors—Conflicts that prevent adding the device to the IWAN network.
- Warnings—Conflicts that do not prevent the device from being added to the IWAN network. It is recommended to correct the configuration issues that trigger validation warnings.
If the IWAN app detects an error or warning during provisioning, correct the issue on the device and perform the validation again. Refer to the Errors and Warnings sections below for details.
Errors
The following table describes errors that can occur during validation. These errors prevent adding a device to the IWAN network.
Table A-1 Validation Errors
|
|
|
Username configuration must have privilege level 15. |
Configure a username with privilege level 15 on the device.
username username privilege 15 password 0 password |
PfR configuration must not be present on the device. |
Ensure that Performance Routing (PfR) configuration is not present on the device.
no domain ONE |
QoS configuration must not be present on the device. |
Ensure that Quality of Service (QoS) configuration is not present on the device.
no class-map match-any nbar-12-cls#VOICE no policy-map nbar-12-cls no policy-map IWAN-INTERFACE-SHAPE-ONLY-INTERNET no service-policy input nbar-12-cls no service-policy output IWAN-INTERFACE-SHAPE-ONLY-INTERNET |
Interface loopback 47233 must not be configured on the device. |
Remove interface loopback 47233 from the device.
no interface loopback47233 |
IWAN trustpoint configuration must not be present on device. |
Remove Cisco IWAN trustpoint configuration from the device.
no crypto pki trustpoint sdn-network-infra-iwan |
VPN routing and forwarding (VRF) configuration must not be present on the device. |
Remove the existing VRFs as VRFs as it will interfere with the Cisco IWAN configuration. Make sure that the routers do not have any of the following VRFs:
- IWAN-TRANSPORT-1
- IWAN-TRANSPORT-2
- IWAN-TRANSPORT-3
- IWAN-TRANSPORT-4
no ip vrf IWAN-TRANSPORT-4 |
Warnings
The following table describes errors that can occur during validation. These warnings do not prevent a device from being added to the IWAN network, but it is recommended to correct the issues that trigger these warnings.
Table A-2 Validation Warnings
|
|
|
Please make sure at least two interfaces for WAN and LAN are up and running. |
Ensure that the two interfaces for WAN and LAN are up and running. Verify using the show ip interface brief command. |
IWAN related crypto configuration found on the device. |
Remove the crypto configuration because the crypto configuration might interfere with the Cisco IWAN configuration.
crypto zeroize mypubkey rsa sdn-network-infra-iwan |
No routing protocol found on device. |
Enable one of the following routing protocols on the device.
router ospf AS number router eigrp AS number router bgp AS number |
EZPM configuration found on the device. |
Remove Easy Performance Monitor (EZPM) configuration as EZPM configuration might interfere with the Cisco IWAN configuration.
no class-map match-all Business-Critical-and-default-tcp-only no performance monitor context IWAN-Context profile application-experience |
NBAR configuration found on the device. |
Remove the Network Based Application Recognition (NBAR) configuration as NBAR configuration might interfere with the Cisco IWAN configuration.
no ip nbar attribute-map Consumer_App_Prof no ip nbar attribute-map Other_Custom no ip nbar attribute-map Net_Admin_Custom |
No device information available for validation. |
Revalidate and if problem persists, ensure the following:
- Device is up and running.
- Device connectivity is established.
|
Device does not have valid image version and K9 package. |
The Cisco IWAN app does not support the Cisco software image loaded on the device. Boot the device with a 15.5(3) or 15.5(4) image with the K9 feature pack.
asr1000rp1-adventerprisek9.03.16.00.S.155-3.S-ext.bin |
Feedback