Latest

Home / Cisco / Networks / Viptela SDWAN / Cisco SDWAN: vManage, vSmart, vBond setup from Scratch and the integrations with each other

Cisco SDWAN: vManage, vSmart, vBond setup from Scratch and the integrations with each other

March 05, 2020 , ,

Cisco SDWAN: vManage, vSmart, vBond setup

In this article we are going to discuss how vBond and vSmart controllers integrated with vManage in Cisco SDWAN Viptela solution. As you know vManage is a single dashboard to manage, troubleshoot, configuration and Policy push orchestration layer controller which is connected with vSmart, vBond and vEdges via different connections.

Fig 1.1- Cisco SDWAN Viptela (vBond, vSmart & vManage)

Before we will start with the integration of vSmart and vBond with vManage we will see how to configure vManage interface settings. The snapshots are taken from Cisco Live presentations and is not relevant to any live environment.

Things to remember

  • vpn 0: Transport vpn and is used for WAN connectivity
  • vpn 1-511: Service vpn and can be used for internal connectivity with LAN, DMZ zone or other LAN connectivity.
  • vpn 512: Management vpn and used for OOBM connectivity.

After this the basic configuration on vManage is to set the system, the site id, the organization name and domain name (here below if you see, vBond server can be specified as domain name). Make sure you take care Organization name (case sensitive), System-IP (should be unique on every component in SDWAN Fabric) as shown below.


So you configured the basics of the vManage, now we need to setup the things on vManage, where we need to configure Organization name and vBond address. Now we are going to configure vBond system parameters. 


So if you look into the vBond configuration for vpn 0, it should be like

vBond# sh run vpn 0
vpn 0
!
Interface ge0/0
ip dhcp-client
ipv6 dhcp-client
tunnel-interface
encapsulation ipsec
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
no allow-service sshd
no allow-service netconf
no allow-service ntp
no allow-service ospf
no allow-service stun
allow-service https
!
no shutdown
!

Things to remember
  • The tunnel-interface configuration settings lock down the interface and also prevent incoming NETCONF connections.
  • When vBond is integrated with vManage, vManage establishes the NETCONF connection.
  • Disable the tunnel-interface configuration while performing controller integration.


Now add vBond and vSmart controllers into the vManage.


Now configuring interfaces for control connections. Enable the tunnel interface configuration on the VPN 0 interface on all controllers. On vBond, also specify the tunnel-interface encapsulation type.