Configure Devices

You can create and store configurations for all devices—the Cisco vManage systems themselves, Cisco vSmart Controllers, Cisco vBond Orchestrators, and routers— by using Cisco vManage. When the devices start up, they contact Cisco vManage, which then downloads the device configuration to the device. (A device that is starting up first contacts the Cisco vBond Orchestrator, which validates the device and then sends it the IP address of Cisco vManage.)

The general procedure for creating configuration for all devices is the same. This section provides a high-level description of the configuration procedure. It also describes the prerequisite steps that must be performed before you can create configurations and configure devices in the overlay network.

Device Configuration Workflow

Devices in the overlay network that are managed by Cisco vManage must be configured from Cisco vManage. The basic configuration procedure is straightforward:

  1. Create feature templates.

    1. From the Cisco vManage menu, choose Configuration > Templates.

    2. Click Feature Templates, and click Add Templates.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  2. Create device templates.

    1. From the Cisco vManage menu, choose Configuration > Templates.

    2. Click Device Templates, and click Create Templates.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Attach device templates to individual devices.

    1. From the Cisco vManage menu, choose Configuration > Templates.

    2. Click Device Templates, and choose a template.


      Note

      In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

    3. Click , and select Attach Devices.

Feature Templates

Feature templates are the building blocks of complete configuration for a device. For each feature that you can enable on a device, Cisco vManage provides a template form that you fill out. The form allows you to set the values for all configurable parameters for that feature.

Because device configurations vary for different device types and the different types of routers, feature templates are specific to the type of device.

Some features are mandatory for device operation, so creating templates for these features is required. Also for the same feature, you can create multiple templates for the same device type.


Note

In releases prior to Cisco SD-WAN Release 20.7.1, if you enter < or > special characters in a Cisco vManage feature template definition or description, Cisco vManage generates a 500 exception error while attempting to preview a Cisco vManage feature template.

Starting from Cisco SD-WAN Release 20.7.1, if you enter < or > special characters in a Cisco vManage feature template definition or description, the special characters are converted to their HTML equivalents, &lt; and &gt;. This applies to all feature templates. You no longer receive a 500 exception error when previewing a Cisco vManage feature template.

Device Templates

You create and store configurations for all devices—the Cisco vManage systems themselves, Cisco vSmart Controllers, Cisco vBond Orchestrators, and routers— by using Cisco vManage. When the devices start up, they contact Cisco vManage, which then downloads the device configuration to the device. (A device that is starting up first contacts the Cisco vBond Orchestrator, which validates the device and then sends it the IP address of Cisco vManage.)

Device templates contain complete operational configuration for a device. You create device templates by consolidating individual feature templates.

Each device template is specific for a type of device. For each device type, if multiple devices have the same configuration, you can use the same device template for them. For example, many of the routers in a network might have the same basic configuration, so you can configure them with the same templates. (You specify the differences in the templates using configuration variables, which are discussed below.) If the configurations for the same type of devices are different, you create separate device templates.

You can also create a device template by entering a CLI text-style configuration directly on Cisco vManage. Typically, you upload a text file containing the configuration text (or cut the configuration text from a text file and paste it into Cisco vManage). You can also directly type the configuration text into Cisco vManage.

From Cisco vManage Release 20.5.1, device variable page shows text area instead of text input field to configure CLI device template for the ease of configuration.

Template Variables

Within a feature template, some configuration commands and command options are identical across all device types. Others—such as a device system IP address, its geographic latitude and longitude, the timezone, and the overlay network site identifier—are variable, changing from device to device. When you attach the device template to a device, you are prompted to enter actual values for these command variables. You can do this either manually, by typing the values for each variable and for each device, or you can upload an Excel file in CSV format that contains the values for each device.

Configuration Prerequisites

Security Prerequisistes

Before you can configure any device in the network, that device must be validated and authenticated so that Cisco vManage systems, Cisco vSmart Controllers, and Cisco vBond Orchestrators recognize it as being allowed in the overlay network.

To validate and authenticate the controllers in the overlay network—Cisco vManage systems, vSmart controllers, and Cisco vSmart Controllers, and Cisco vBond Orchestrators—a signed certificate must be installed on these devices.

To validate and authenticate the routers, you receive an authorized serial number file from Cisco, which lists the serial and chassis numbers for all the routers allowed in your network. Then, you upload the serial number file to Cisco vManage.

Variables Spreadsheet

The feature templates that you create most likely contain variables. To have Cisco vManage populate the variables with actual values when you attach a device template to a device, create an Excel file that lists the variable values for each device and save the file in CSV format.

In the spreadsheet, the header row contains the variable name and each row after that corresponds to a device, defining the values of the variables. The first three columns in the spreadsheet must be the following, in this order:

  • csv-deviceId—Serial number of the device (used to uniquely identify the device). For routers, you receive the serial numbers in the authorized serial number file sent to you from Cisco. For other devices, the serial number is included in the signed certificate you receive from Symantec or from your root CA.

    csv-deviceIP—System IP address of the device (used to populate the system ip address command).

  • csv-host-name—Hostname of the device (used to populate the system hostname command).

You can create a single spreadsheet for all devices in the overlay network—Cisco vSmart Controllers, Cisco vBond Orchestrators, and routers. You do not need to specify values for all variables for all devices.

Create a Device Template from Feature Templates

Device templates define a device's complete operational configuration. A device template consists of a number of feature templates. Each feature template defines the configuration for a particular Cisco SD-WAN software feature. Some feature templates are mandatory, indicated with an asterisk (*), and some are optional. Each mandatory feature template, and some of the optional ones, have a factory-default template. For software features that have a factory-default template, you can use either the factory-default template (named Factory_Default_feature-name_Template) or you can create a custom feature template.

Create a Device Template from Feature Templates

To create a device template:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click the Create Template drop-down list, and select From Feature Template.

  4. From the Device Model drop-down list, select the type of device for which you wish to create the template.

    vManage NMS displays all the feature templates for that device type. The required feature templates are indicated with an asterisk (*), and the remaining templates are optional. The factory-default template for each feature is selected by default.

  5. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  7. To view the factory-default configuration for a feature template, select the desired feature template and click View Template.

  8. Click Cancel to return to the Configuration Template screen.

  9. To create a custom template for a feature, select the desired factory-default feature template and click Create Template. The template form is displayed.

    This form contains fields for naming the template and defining the feature parameters.

  10. In the Template Name field, enter a name for the feature template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  11. In the Description field, enter a description for the feature template.

    This field is mandatory, and it can contain any characters and spaces.

  12. For each field, enter the desired value. You may need to click a tab or the plus sign (+) to display additional fields.

  13. When you first open a feature template, for each parameter that has a default value, the scope is set to Default (indicated by a check mark), and the default setting or value is shown. To change the default or to enter a value, click the scope drop-down list of the parameter field and select one of the following:

    Table 1.

    Parameter Scope

    Scope Description

    Device Specific (indicated by a host icon)

    Use a device-specific value for the parameter. For device-specific parameters, you cannot enter a value in the feature template. You enter the value when you attach a device to a device template.

    When you click Device Specific, the Enter Key box opens. This box displays a key, which is a unique string that identifies the parameter in a CSV file that you create. This file is an Excel spreadsheet that contains one column for each key. The header row contains the key names (one key per column), and each row after that corresponds to a device and defines the values of the keys for that device. You upload the CSV file when you attach a device to a device template. For more information, see Use Variable Values in Configuration Templates.

    To change the default key, type a new string and move the cursor out of the Enter Key box.

    Examples of device-specific parameters are system IP address, hostname, GPS location, and site ID.

    Global (indicated by a globe icon)

    Enter a value for the parameter, and apply that value to all devices.

    Examples of parameters that you might apply globally to a group of devices are DNS server, syslog server, and interface MTUs.

  14. For some groups of parameters, you can mark the entire group as device-specific. To do this, check the Mark as Optional Row check box.

    These parameters are then grayed out so that you cannot enter a value for them in the feature template. You enter the value or values when you attach a device to a device template.

  15. Click Save.

  16. Repeat Steps 6 through 13 to create a custom template for each additional software feature. For details on creating specific feature templates, see the templates listed in Available Feature Templates.

  17. Click Create. The new configuration template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

Another way to create device templates from feature templates is to first create one or more custom feature templates and then create device templates. You can create multiple feature templates for the same feature. For a list of feature templates, see Available Feature Templates.

  1. Click Feature.

  2. Click Add Template.

  3. From Select Devices, select the type of device for which you wish to create a template.

    You can create a single feature template for features that are available on multiple device types. You must, however, create separate feature templates for software features that are available only on the device type you are configuring.

  4. Select the feature template. The template form is displayed.

    This form contains fields for naming the template and fields for defining the required parameters. If the feature has optional parameters, then the template form shows a plus sign (+) after the required parameters.

  5. In the Template Name field, enter a name for the feature template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the feature template.

    This field is mandatory, and it can contain any characters and spaces.

  7. For each required parameter, choose the desired value, and if applicable, select the scope of the parameter. Select the scope from the drop-down list of each parameter's value box.

  8. Click the plus sign (+) from the required parameters to set the values of optional parameters.

  9. Click Save.

  10. Repeat Steps 2 to 9 for each additional feature template you wish to create.

  11. Click Device.

  12. Click the Create Template drop-down list and select From Feature Template.

  13. From the Device Model drop-down list, select the type of device for which you wish to create the device template.

    vManage NMS displays the feature templates for the device type you selected. The required feature templates are indicated with an asterisk (*). The remaining templates are optional.

  14. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.

  15. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  16. To view the factory-default configuration for a feature template, select the desired feature template and click View Template.

  17. Click Cancel to return to the Configuration Template screen.

  18. To use the factory-default configuration, click Create to create the device template. The new device template is displayed in the Device Template table. The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

  19. To modify the factory-default configuration, select the feature template for which you do not wish to use the factory-default template. From the drop-down list of available feature templates, select a feature template that you created.

  20. Repeat Step 19 for each factory-default feature template you wish to modify.

  21. Click Create. The new configuration template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.

Create a Device CLI Template

To create a device template by entering a CLI text-style configuration directly on the Cisco vManage:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click the Create Template drop-down list and select CLI Template.

  4. From the Device Type drop-down list, select the type of device for which you wish to create the template.

  5. In the Template Name field, enter a name for the device template.

    This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (–), and underscores (_). It cannot contain spaces or any other characters.

  6. In the Description field, enter a description for the device template.

    This field is mandatory, and it can contain any characters and spaces.

  7. In the CLI Configuration box, enter the configuration either by typing it, cutting and pasting it, or uploading a file.

  8. To convert an actual configuration value to a variable, select the value and click Create Variable. Enter the variable name, and click Create Variable. You can also type the variable name directly, in the format {{variable-name}}; for example, {{hostname}}.

  9. Click Add. The new device template is displayed in the Device Template table.

    The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "CLI" to indicate that the device template was created from CLI text.

Manage Device Templates

Edit a Device Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Edit.

You cannot change the name of a device or feature template when that is attached to a device.


Note

You can edit templates simultaneously from one or more vManage servers. For simultaneous template edit operations, the following rules apply:

  • You cannot edit the same device or feature template simultaneously.

  • When you are editing a device template, all other feature templates attached to that device template are locked and you cannot perform any edit operations on them.

  • When you are editing a feature template that is attached to a device template, that device template as well as all other feature templates attached to it are locked and you cannot perform any edit operations on them.

Delete a Template

Deleting a template does not remove the associated configuration from devices.

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Delete.

  4. To confirm the deletion of the template, click OK.

Copy a Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and click Copy.

  4. Enter a new template name and description.

  5. Click Copy.

Edit a CLI Device Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Edit.

  4. Under Device CLI Template, edit the template.

  5. Click Update.

Use Variable Values in Configuration Templates

An overlay network might have multiple devices of the same type that have nearly identical configurations. This situation most commonly occurs with routers when the routers that are located in multiple stores or branch locations provide identical services, but each individual router has its own hostname, IP address, GPS location, and other site-specific properties, such as BGP neighbors. This situation also occurs in a network with redundant controller devices, such as Cisco vSmart Controllers, which must all be configured with identical policies, and Cisco vManage systems. Again, each controller has its own individual parameters, such as hostname and IP address.

To simplify the configuration process for these devices, you can create a single configuration template that contains both static configuration values and variable values. The static values are common across all the devices, and the variable values apply only to an individual device. You provide the actual values for the variables when you attach the individual device to the device configuration template.

You can configure a variable value for a parameter in a feature configuration template in two ways:

  • Select the parameter scope to be Device Specific—For an individual configuration parameter, select Device Specific to mark the parameter as a variable. Each variable must be identified by a unique text string, which is called a key. When you select Device Specific, an Enter Key box opens and displays the default key. You can use the default key, or you can change it by typing a new string and then moving the cursor out of the Enter Key box.

  • Mark a group of related parameters as optional—For some features in some feature configuration templates, you can mark the entire feature as optional. To mark the feature in this way, click Mark as Optional Row in a section of a feature configuration template. The variable parameters are then dimmed, and you cannot configure values for them in the feature configuration template.

You enter the device-specific values for the variables when you attach the device to the configuration, in one of the following ways:

  • From a file—When you are attaching a template to a device, you load a file to the vManage NMS. This is an Excel file in CSV format that lists all the variables and defines the variable's value for each device.

  • Manually—When you attach a device template to a device, the Cisco vManage prompts you for the values for each of device-specific parameters, and you type in the value for each parameter.


Note

Cisco SD-WAN supports up to 500 variables in a template push operation.

Use a File for Variable Parameters

To load device-specific variable values from a file, you create a template variables file. This file is an Excel file in CSV format that lists all the variables in your the configurations of your devices and defines the values for each variable. You create this file offline and then import it into Cisco vManage server when you attach a device configuration to one or more devices in the overlay network.

We recommend that you create a template variables CSV file when your overlay network has more than a small number of Cisco vEdge devices.

CSV File Format

The CSV file is an Excel spreadsheet that contains one column for each variable that is required for the configuration of a device. The header row contains the variable names (one variable per column), and each row after that corresponds to a device and defines the values of the variables for that device.

You can create a single spreadsheet for all devices in the overlay network—Cisco vEdge devices, Cisco vManage systems, Cisco vSmart Controllers, and Cisco vBond Orchestrators—or you can create one spreadsheet for each device type. The system determines the device type from its serial number.

In the spreadsheet, for each device type and for each individual device, you specify values only for the required variables. When you do not need to specify a value for a variable, simply leave that cell blank.

The first three columns in the spreadsheet must be the following items and must be in the order shown:

Column

Column Heading

Description

1

csv-deviceId

Serial number of the device (used to uniquely identify the device). For Cisco vEdge devices, you receive the serial numbers in the authorized serial number file sent to you from Cisco. For other devices, the serial number is included in the signed certificate you receive from Symantec or from your root CA.

2

csv-deviceIP

System IP address of the device (used to populate the system ip address command).

3

csv-host-name

Hostname of the device (used to populate the system hostname command).

The headings for the remaining columns must be unique variable keys that are defined in the Enter Key box of a feature configuration template. These remaining columns can be in any order.

Generate a Skeleton CSV File

You can create a template variables CSV file manually, with the format described in the previous section, or you can haveCisco vManage generate a skeleton CSV file that contains all the required columns and column headings. This generated CSV file has one row for each Cisco device type, and it has the column headings for each of the variables that are required by all the feature templates included in the device configuration. The column heading text corresponds to the key string that identifies a device-specific parameter. Then you populate the rows with values for each variable.

To have Cisco vManage generate a skeleton CSV file:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Feature Templates, and click Add Template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  3. Create the required feature templates for one Cisco vEdge device router, one Cisco vSmart Controller, one Cisco vManage system, and one Cisco vBond Orchestrator.

    In each feature template:

    1. For fields that have default values, verify that you want to use that value for all devices. If you do not want to use the default, change the scope to Global or Device-specific.

    2. For fields that apply to all devices, select the Global icon next to the field and set the desired global values.

    3. For fields that are device specific, select the Device-specific icon next to the field and leave the field blank.

  4. For each Cisco device type, create a device template.

  5. From the Cisco vManage menu, choose Configuration > Templates.

  6. Click Device Templates, and select the desired device template from the template list table.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  7. Click , and click Export CSV.

  8. Repeat Steps 7 and 8 for each device template.

Edit the exported CSV file, adding at a minimum the device serial number, device system IP address, and device hostname for each device in the overlay network. Then add values for desired device-specific variables for each device. Note that variable names cannot contain forward slashes (/), backwards slashes (\), or parentheses (( )).

If desired, you can combine the CSV files into a single file.

Import a CSV File

To use the device-specific variable values in the CSV file, import the file when you are attaching a device template to the Viptela device:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. For the desired template, click ..., and select Attach Devices.

  4. In the Attach Devices dialog box, select the desired devices in Available Devices and click the arrow to move them to Selected Devices.

  5. Click Attach.

  6. Click the Up arrow. The Upload CSV File box displays.

  7. Choose the CSV file to upload, and click Upload.

During the attachment process, click Import file to load the Excel file. If Cisco vManage detects duplicate system IP addresses for devices in the overlay network, it displays a warning message or a pop-up window. You must correct the system IP addresses to remove any duplicates before you can continue the process of attaching device templates to Viptela devices.

Manually Enter Values for Device-Specific Variables and for Optional Rows

For parameters in a feature template that you configure as device-specific, when you attach a device template to a device, Cisco vManage prompts you for the values to use for these parameters. Entering device-specific values in this manner is useful in test or POC networks, or if you are deploying a small network. This method generally does not scale well for larger networks.

For situations in which the configuration for many devices is identical except for a few parameters, in the feature configuration template, you can specify that the parameter be an optional row in the configuration. By selecting optional row, the feature template automatically marks the parameters as device-specific, and these parameters are dimmed so that you cannot set them in the template. You do not have to individually mark the parameters as device specific. Then, when you attach a device template to a device, Cisco vManage prompts you for the values to use for these parameters. Using optional rows to enter device-specific values is useful when a group of many Cisco vEdge devices provide identical services at their branch or site, but individual routers have their own hostname, IP address, GPS location, and other site or store properties, such as BGP neighbors.

Optional rows are available for some parameters in some feature configuration templates. To treat a parameter or set of parameters as an optional row, click the Mark as Optional Row box. For these types of parameters, the feature configuration template has a table listing all the configured parameters. The Optional column indicates which are optional rows,

To manually enter values for device-specific variables or for variables in optional rows when you attach the template to a device:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and select the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices. The Attach Devices dialog box opens.

  4. Choose one or more devices from Available Devices and move them to Selected Devices.

  5. Click Attach.

  6. In the Chassis Number list, select the desired device.

  7. Click , and click Edit Device Template. The Update Device Template dialog box opens.

  8. Enter values for the optional parameters. When you are using optional rows, if you do not want to include the parameter for the specific device, do not specify a value.

  9. Click Update.

  10. Click Next.

    If any devices have the same system IP address, a dialog box appears or an error message is displayed when you click Next. Modify the system IP addresses so that there are no duplicates, and click Save. Then click Next again.


    Note

    You need to shut down the OMP on the device, before changing the system-ip on the device.

  11. In the left pane, select the device. The right pane displays the device configuration and the Config Preview tab in the upper right corner is selected.

  12. Click Config Diff to preview the differences between this configuration and the configuration currently running on the device, if applicable. To edit the variable values entered in the previous screen, click Back.

  13. Click Configure Devices to push the configuration to the devices.

    The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to the left of the row to display details of the push operation.

View Device Templates

View a Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates or Feature Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device, and Feature Templates is titled Feature.

  3. Click , and then click View.

View Device Templates Attached to a Feature Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Feature Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Feature Templates is titled Feature.

  3. Click , and click Show Attached Device Templates.

    Device Templates dailog box opens, displaying the names of the device templates to which the feature template is attached.

View Devices Attached to a Device Template

For a device template that you created from feature templates:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices.

  4. From Attach Devices, click Attached Devices.

For a device template that you created from a CLI template:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and select a template you wish to view.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and then click Show Attached Devices.

Attach and Detach a Device Template

To configure a device on the network, you attach a device template to the device. You can attach only one device template to a device, so the template—whether you created it by consolidating individual feature templates or by entering a CLI text-style configuration—must contain the complete configuration for the device. You cannot mix and match feature templates and CLI-style configurations.

On Cisco Cisco vEdge devices in the overlay network, you can perform the same operations, in parallel, from one or more vManage servers. You can perform the following template operations in parallel:

  • Attach a device template to devices

  • Detach a device template from a device

  • Change the variable values for a device template that has devices attached to it

For template operations, the following rules apply:

  • When a device template is already attached to a device, you can modify one of its feature templates. Then when you click Update > Configure Devices, all other template operations—including attach devices, detach devices, and edit device values—are locked on all vManage servers until the update operation completes. This means that a user on another vManage server cannot perform any template operations until the update completes.

  • You can perform the attach and detach device template operations on different devices, from one or more vManage servers, at the same time. However, if any one of these operations is in progress on one vManage server, you cannot edit any feature templates on any of the servers until the attach or detach operation completes.


Note

You need to recreate the feature templates as the templates created prior to Cisco vManage Release 20.5 fails when attached to the device.

If the device being configured is present and operational on the network, the configuration is sent to the device immediately and takes effect immediately. If the device has not yet joined the network, the pushing of the configuration to the device is scheduled. When the device joins the network, Cisco vManage pushes the configuration immediately after it learns that the device is present in the network.

Attach a Device Template to Devices

You can attach the same templates to multiple devices, and you can do so simultaneously, in a single operation.

To attach a device template to one or more devices:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates and select the desired template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Attach Devices. The Attach Devices dialog box opens with the Select Devices tab selected

  4. In the Available Devices column on the left, select a group and search for one or more devices, select a device from the list, or click Select All.

  5. Click the arrow pointing right to move the device to the Selected Devices column on the right.

  6. Click Attach.

  7. If the template contains variables, enter the missing variable values for each device you selected in one of the following ways:

    • Enter the values manually for each device either in the table column or by clicking ... and Edit Device Template. When you are using optional rows, if you do not want to include the parameter for the specific device, do not specify a value.

    • Click Import File to upload a CSV file that lists all the variables and defines each variable's value for each device.

  8. Click Update

  9. Click Next.

    If any devices have the same system IP address, a dialog box appears or an error message is displayed when you click Next. Modify the system IP addresses so that there are no duplicates, and click Save. Then click Next again.

  10. In the left pane, select the device, to preview the configuration that is ready to be pushed to the device. The right pane displays the device's configuration and the Config Preview tab is selected. Click the Config Diff tab to view the differences between this configuration and the configuration currently running on the device, if applicable. Click the Back button to edit the variable values entered in the previous screen.

  11. If you are attaching a Cisco vEdge device, click Configure Device Rollback Timer to configure the time interval at which the device rolls back to its previous configuration if the router loses its control connection to the overlay network. The Configure Device Rollback Time dialog box is displayed.

    1. From the Devices drop-down list, select a device.

    2. To enable the rollback timer, in the Set Rollback slider, drag the slider to the left to enable the rollback timer. When you do this, the slider changes in color from gray to green.

    3. To disable the rollback timer, click the Enable Rollback slider. When you disable the timer, the Password field dialog box opens. Enter the password that you used to log in to the vManage NMS.

    4. In the Device Rollback Time slider, drag the slider to the desired value. The default time is 5 minutes. You can configure a time from 6 to 15 minutes.

    5. To exclude a device from the rollback timer setting, click Add Exception and select the devices to exclude.

    6. The table at the bottom of the Configure Device Rollback Time dialog box lists all the devices to which you are attaching the template and their rollback time. To delete a configured rollback time, click the Trash icon from the device name.

    7. Click Save.

  12. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to display details of the push operation.

Export a Variables Spreadsheet in CSV Format for a Template

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates and select the desired template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Export CSV.

Determine Why a Device Rejects a Template

When you attach a template to a device using the screen, the device might reject the template. One reason that this may occur is because the device template contains incorrect variable values. When a device rejects a template, it reverts to the previous configuration.

To determine why the device rejected the template:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Locate the device. The Template Status column indicates why the device rejected the template.

Change the Device Rollback Timer

By default, when you attach a Cisco vEdge device to a configuration template, if the router is unable to successfully start after 5 minutes, it returns to, or rolls back to, the previous configuration. For a configuration that you have created from the CLI, you can change the device's rollback timer:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and choose a device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click , and click Change Device Values.

    The right pane displays the device's configuration, and the Config Preview tab is selected.

  4. In the left pane, click the name of a device.

  5. Click Configure Device Rollback Timer. The Configure Device Rollback Time pop up page is displayed.

  6. From the Devices drop-down list, select a device.

  7. To enable the rollback timer, in the Set Rollback slider drag the slider to the left to enable the rollback timer. When you do this, the slider changes in color from gray to green.

  8. To disable the rollback timer, click Enable Rollback slider. When you disable the timer, the Password field dialog box appears. Enter the password that you used to log in to the vManage NMS.

  9. In the Device Rollback Time slider, drag the slider to the desired value. The default time is 5 minutes. You can configure a time from 6 to 15 minutes.

  10. To exclude a device from the rollback timer setting, click Add Exception and select the devices to exclude.

  11. The table of the Configure Device Rollback Time dialog box lists all the devices to which you are attaching the template and their rollback time. To delete a configured rollback time, click the Trash icon of the device name.

  12. Click Save.

  13. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click (+) to display details of the push operation.

Preview Device Configuration and View Configuration Differences

For a configuration that you have created from the CLI:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and choose the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click ..., and click Change Device Values.

    The right pane displays the device's configuration, and Config Preview is selected.

  4. Click the name of a device.

  5. Click Config Diff to view the differences between this configuration and the configuration currently running on the device, if applicable. Click Back to edit the variable values entered in the previous screen.

  6. Click Configure Devices to push the configuration to the devices. The Status column displays whether the configuration was successfully pushed. Click the right angle bracket to display details of the push operation.

Change Variable Values for a Device

For a configuration that you have created from device configuration templates, if the templates contain variables, the vManage NMS can automatically populate the variables with actual values when you attach the templates to the devices. To do this, you create an Excel file that lists the variable values for each device and save the file in CSV format. You can also enter values for these variables manually.

After you have pushed the configuration to a device, you can change the value assigned to any variable:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates, and choose the desired device template.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. Click ..., and click Change Device Values.

    The screen displays a table of all the devices that are attached to that device template.

  4. For the desired device, click ..., and click Edit Device Template.

  5. In the Update Device Template dialog box, enter values for the items in the variable list.

  6. Click Update.

  7. Click Next.

  8. Click Configure Devices to push the configuration to the device. The Status column displays if the configuration was successfully pushed or not. Click the right angle bracket to display the details of the push operation.

Default Device Templates

Table 2. Feature History

Feature Name

Release Information

Description

Default Device Templates

 Cisco SD-WAN Release 20.1.1

A default device template provides basic information that you can use to bring up devices in a deployment quickly.

This feature is supported on the Cisco Cloud Services Router 1000V Series, Cisco C1111-8PLTELA Integrated Services Routers, and Cisco 4331 Integrated Services Routers.

A default device template provides basic information that you can use to bring up devices in a deployment. It provides a way for you to quickly provision devices with the minimum information that they need to operate in your network.

You cannot directly edit or update information in a device default template, but you can copy the template and then edit the copy.

To use a default device template:

  1. From the Cisco vManage menu, choose Configuration > Templates.

  2. Click Device Templates.


    Note

    In Cisco vManage Release 20.7.x and earlier releases, Device Templates is titled Device.

  3. From the Template Type drop-down list, select Default.

    A list of default device templates displays.

  4. Perform any of these actions:

    • To attach a default device template to devices, click ..., and select Attach Devices.

      In the Attach Devices dialog box, select the devices that you want attach, and then click Attach.

    • To view the configuration settings for a default device template, click ..., and choose View.

    • To copy a default device template, click ..., and choose View.

      In the Template Copy dialog box, enter a unique name and a description for the copy that you are creating, and then click Copy.

      The copied version becomes a feature template that you can edit.

    • To create an Excel file in CSV format that contains device-specific settings from a device template, click ..., and choose Export CSV. Use the dialog box that displays to open or save the CSV file.

      You can use this CSV file as a reference for device-specific settings when you create other device templates.

Configuring Devices using vManage

Use the Devices screen to add and delete devices, toggle the mode of a device between CLI and vManage, upload the WAN Edge Serial number file, export bootstrap configuration and, and perform other device-related tasks.

Change Configuration Modes

A device can be in either of these configuration modes:

  • vManage mode–A template is attached to the device and you cannot change the configuration on the device by using the CLI.

  • CLI mode – No template is attached to the device and the device can be configured locally by using the CLI.

When you attach a template to a device from vManage, it puts the device in vManage mode. You can change the device back to CLI mode if needed to make local changes to its configuration.

To toggle a router from vManage mode to CLI mode:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List, and select a device.

  3. Click the Change Mode drop-down list and select CLI mode.


Note

Starting from Cisco IOS XE SD-WAN Release 17.11.1a, click the ... icon adjacent to the device that you want to change from the vManage mode to the CLI mode and click Config Lock (Provision Device).

You can use the Config Lock (Provision Device) only if a template is attached to a device.

An SSH window opens. To log in to the device, enter a username and password. You can then issue CLI commands to configure or monitor the device.

To toggle a controller device from vManage mode to CLI mode:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers, and select a device.

  3. Click the Change Mode drop-down list.

  4. Select CLI mode and then select the device type. The Change Mode - CLI window opens.

  5. From the vManage mode pane, select the device and click the right arrow to move the device to the CLI mode pane.

  6. Click Update to CLI Mode.

An SSH window opens. To log in to the device, enter a username and password. You can then issue CLI commands to configure or monitor the device.


Note

Starting from Cisco IOS XE SD-WAN Release 17.11.1a, click the ... icon adjacent to the device that you want to change from the vManage mode to the CLI mode and click Config Lock (Provision Device).

You can use the Config Lock (Provision Device) only if a template is attached to a device.

Upload WAN Edge Router Authorized Serial Number File

The WAN eEdge router authorized serial number file contains the chassis number and the certificate serial numbers of all valid Cisco vEdge devices in the overlay network. You retrieve a serial number file from the Cisco Plug-and-Play (PnP) portal and upload it to Cisco vManage. (For more information abou Cisco PnP, see Cisco Plug and Play Support Guide for Cisco SD-WAN Products.) From Cisco vManage, you send the file to the controllers in the network. This file is required to allow the Cisco SD-WAN overlay network components to validate and authenticate each other and to allow the overlay network to become operational.

To upload the WAN edge router authorized serial number file to Cisco vManage and then download it to controllers in the network:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List, and click Upload WAN Edge List.

  3. Under Upload WAN Edge List screen:

    1. Click Choose File and select the WAN edge router authorized serial number file you received from Cisco PnP.

    2. To automatically validate the routers and send their chassis and serial numbers to the controllers, ensure that the Validate the uploaded vEdge List and send to controllers check box is selected. If you do not select this option, you must individually validate each router in Configuration > Certificates > WAN Edge List.

    3. Click Upload.

A list of routers in the network is displayed in the router table, with details about each router.

Starting from Cisco vManage Release 20.9.2, you can monitor the newly added WAN Edge devices in the Monitor > Devices page.

Upload WAN Edge Router Serial Numbers from Cisco Smart Account

To allow Cisco SD-WAN overlay network components to validate and authenticate each other and to allow the overlay network to become operational, Cisco SD-WAN requires chassis numbers of all valid Cisco vEdge devices in the overlay network.

In addition, certificate serial numbers, are required for all devices.

To upload the WAN edge router authorized serial numbers from a Cisco Smart account to the vManage NMS and then download it to all the controllers in the overlay network:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List, and click Sync Smart Account.

  3. In the Sync Smart Account window:

    1. Enter the Username and Password for your Smart account.

    2. To automatically validate the routers and send their chassis and serial numbers to the controllers, check the Validate the Uploaded WAN Edge List and Send to Controllers check box. If you do not select this option, you must individually validate each router in Configuration > Certificates > WAN Edge List.

    3. Click Sync.

A list of routers in the network is displayed in the router table, with details about each router.

Starting from Cisco vManage Release 20.9.2, you can monitor the newly added WAN Edge devices in the Monitor > Devices page.

Generate Bootstrap Configuration for a vEdge Cloud Router

For vEdge Cloud routers, you need to generate a bootstrap configuration file that you use when you create vEdge cloud VM instances.

To generate and download a bootstrap configuration for one or more vEdge Cloud routers:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List, and click Export Bootstrap Configuration.

  3. In the Export Bootstrap Configuration window, in the Bootstrap Configuration field, click Cloud-Init or Encoded String, depending the Hypervisor you are using to bring up the vEdge Cloud router.

  4. Select the devices to configure from the Available Devices pane, or click Select All to select all devices.

  5. Click the right arrow to move the devices to the Selected Devices pane.

  6. Click Generate Configuration. The configurations are downloaded to the vManage NMS.

  7. Provision the vEdge Cloud router instance in AWS, KVM, or ESXi with the boostrap configuration. By default, ge0/0 is the device's tunnel interface and is a DHCP client. To use an interface other than ge0/0 as the tunnel interface or to use a static IP as the IP address, reconfigure the device through the CLI. For more information about configuring interfaces, see Configure Network Interfaces.

After you provision the vEdge Cloud router instance, vManage NMS installs a certificate on the device and the device's token changes to a serial number. After the device's control connections to vManage NMS come up, any templates attached to the device are automatically pushed to the device.

Export Device Data in CSV Format

In an overlay network, you might have multiple devices of the same type that have identical or effectively identical configurations. For example, in a network with redundant Cisco vSmart Controllers, each controller must be configured with identical policies. Another example is a network with Cisco vEdge devices at multiple sites, where each Cisco vEdge device is providing identical services at each site.

Because the configurations for these devices are essentially identical, you can create one set of feature templates, which you then consolidate into one device template that you use to configure all the devices. You can create an Excel file in CSV format that lists the variables and defines each device specific variable value for each device. Then you can load the file when you attach a device template to a device.

To export data for all devices to a file in CSV format, click the Export icon. This icon, which is a downward-pointing arrow, is located to the right of the filter criteria both in the WAN Edge List and in the Controllers tab.

vManage NMS downloads all data from the device table to an Excel file in CSV format.

View and Copy Device Configuration

View a Device's Running Configuration

Running configuration is configuration information that vManage obtains from the memory of a device. This information can be useful for troubleshooting.

To view a device's running configuration:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.

  3. Click , and click Running Configuration.

View a Device's Local Configuration

Local configuration is configuration that vManage has stored for a device. This information can be useful for troubleshooting or for determining how to access a device if, for example, a device is not reachable from vManage.

To view a device's local configuration created using Configuration ► Templates:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.

  3. Click , and click Local Configuration.

Copy Router Configuration

When you are replacing one router at a site with another router, you copy the old router's configuration to the new router. Then you remove the old router from the network and add the new one.

To copy the configuration from the old router to the new router:

  1. From the Cisco vManage menu, choose Configuration > Certificates.

  2. Mark the new Cisco vEdge device as invalid.

  3. From the Cisco vManage menu, choose Configuration > Devices.

  4. Under WAN Edge List, select the old router.

  5. Click , and click Copy Configuration.

  6. In the Copy Configuration window, select the new router.

  7. To confirm the copy of the configuration, click Update.

After you have copied the configuration to the new router, you can add the new router to the network. First, delete the old router from the network, as described below. Then add the new router to the network:

  1. From the Cisco vManage menu, choose Configuration > Certificates.

  2. Mark the new router as valid.

  3. Click Send to Controller.

Delete a WAN Edge Router

Delete a router if you need to remove it from your deployment. Doing so removes from the WAN edge router serial number list any of the following items that are stored for the router:

  • Chassis number

  • Certificate serial number

  • Subject SUDI serial number


Note
Deleting a router also permanently removes the router configuration from the vManage NMS.

To delete a router:

  1. From the Cisco vManage menu, choose Configuration > Certificates.

  2. Mark the WAN Edge router as invalid.

  3. From the Cisco vManage menu, choose Configuration > Devices.

  4. Click WAN Edge List, and select the router.

  5. Click ..., and click Delete WAN Edge.

  6. To confirm deletion of the device, click OK.

  7. From the Cisco vManage menu, choose Configuration > Certificates.

  8. Click Send to Controller.

Decommission a Cloud Router

Decommissioning a cloud router (such as a vEdge Cloud router ) removes the device's serial number from Cisco vManage and generates a new token for the device. To do so:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List, and select a cloud router.

  3. Click , and click Decommission WAN Edge.

  4. To confirm the decommissioning of the router, click OK.

View Template Log and Device Bringup

View Log of Template Activities

A log of template activities contains information that relates to creating, editing, and deleting configuration templates, and the status of attaching configuration templates to devices. This information can be useful for troubleshooting.

To view a log of template activities:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.

  3. Click , and click Template Log.

View Status of Device Bringup

You can view the status of the operations involved in bringing a router or controller up in the overlay network. This information can help you monitor these operations.

To view the status of a device bringup:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click WAN Edge List or Controllers, and select the device.

  3. Click , and click Device Bring Up.

Add a Cisco vBond Orchestrator

A Cisco vBond Orchestrator automatically orchestrates connectivity between Cisco vEdge devices and vManage controllers. If any Cisco vEdge device or Cisco vSmart Controller is behind a NAT, the Cisco vBond Orchestrator also serves as an initial NAT-traversal orchestrator. To add a Cisco vBond Orchestrator:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers.

  3. Click Add Controller drop-down list, and select vBond.

  4. In the Add vBond window:

    1. Enter vBond Management IP Address of the vBond controller.

    2. Enter the Username and Password to access the vBond orchestrator.

    3. To allow the certificate-generation process to occur automatically, check the Generate CSR check box.

    4. Click Add.

  5. Repeat Steps 2, 3 and 4 to add additional Cisco vBond Orchestrators.

The new Cisco vBond Orchestrator is added to the list of controllers in the Controllers screen.

Configure Cisco vSmart Controllers

Add a vSmart Controller

After the Cisco vBond Orchestrator authenticates Cisco vEdge devices, the Cisco vBond Orchestrator provides Cisco vEdge devices information that they need to connect to the Cisco vSmart Controller. A Cisco vSmart Controller controls the flow of data traffic throughout the network via data and app-route policies. To configure Cisco vSmart Controllers:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers.

  3. Click the Add Controller drop-down list and select vSmart.

  4. In the Add vSmart window:

    1. Enter the system IP address of the Cisco vSmart Controller.

    2. Enter the username and password to access the Cisco vSmart Controller.

    3. Select the protocol to use for control-plane connections. The default is DTLS. The DTLS (Datagram Transport Layer Security) protocol is designed to provide security for UDP communications.

    4. If you select TLS, enter the port number to use for TLS connections. The default is 23456.

      The TLS (Transport Socket Layer) protocol that provides communications security over a network.

    5. Check the Generate CSR check box to allow the certificate-generation process to occur automatically.

    6. Click Add.

  5. Repeat Steps 2, 3 and 4 to add additional Cisco vSmart Controllers. The vManage NMS can support up to 20 Cisco vSmart Controllers in the network.

The new Cisco vSmart Controller is added to the list of controllers in the Controllers screen.

Edit Controller Details

Editing controller details lets you update the IP address and login credentials of a controller device. To edit controller details:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.

  3. Click , and click Edit.

  4. In the Edit window, edit the IP address and the login credentials.

  5. Click Save.

Delete a Controller

Deleting a controller removes it from the overlay. Delete a controller it if you are replacing it or if you no longer need it in your network.

To delete a controller:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.

  3. Click , and click Invalidate.

  4. To confirm the removal of the device and all its control connections, click OK.

Configure Reverse Proxy on Controllers

To configure reverse proxy on an individual vManage NMS and Cisco vSmart Controller:

  1. From the Cisco vManage menu, choose Configuration > Devices.

  2. Click Controllers, and select the controller.

  3. Click , and click Add Reverse Proxy.

    The Add Reverse Proxy dialog box is displayed.

  4. Click Add Reverse Proxy.

  5. Configure the private IP address and port number for the device. The private IP address is the IP address of the transport interface in VPN 0. The default port number is 12346. This is the port used to establish the connections that handle control and traffic in the overlay network.

  6. Configure the proxy IP address and port number for the device, to create the mapping between the private and public IP addresses and port numbers.

  7. If the Cisco vManage NMS or Cisco vSmart Controller has multiple cores, repeat Steps 5 and 6 for each core.

  8. Click Add.

To enable reverse proxy in the overlay network, from the Cisco vManage menu, choose Administration > Settings. Then from the Reverse Proxy bar, click Edit. Click Enabled, and click Save.