EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

Configure vSmart & Generate Certificate

Configure vSmart & Generate Certificate

Posted on Jan 27, 2020 (0)

Configure vSmart & Generate Certificate

Once vSmart VM has been setup and started, it will come up with factory-default configuration. Now some more basic and initial configuration still to be done manually so that devices can be authenticated and verified and can easily join the overlay network.

Following things must be configured to make vSmart operation and join the overlay network.

  • Configure Tunnel Interface with one interface in VPN0 which must be connected to WAN transport and should be accessible to Viptela Devices. This VPN0 carries all control traffic between Viptela devices.
  • OMP protocol must be enabled.

Once initial configuration is done, a full configuration templates can be created on vManage and then attaching these templates to vSmart controller.  By doing so, configuration parameters in the template may overwrite the initial configuration.

In initial configuration, a system IP address is configured for vSmart that is a persistence address also acts as router-ID and is useful to identify controller independently and is one of the component of TLOC address. Control traffic over DTLS or TLS connection between vSmart and vEdge or between vSmart and vBond is sent over system interface identified by System IP address which is on VPN0 as device loopback IP address.

Create Initial Configuration for the vSmart Controller

Login to the Viptela device via SSH with user admin, using the default password, admin. | Enter configuration mode:

Enter configuration mode:

vSmart# config
vSmart(config)#

Configure the hostname:

Viptela(config)# system host-name hostname

Configure the system IP address.

vSmart(config-system)# system-ip ip-address

Configure the site  ID where the device is located:

vSmart(config-system)# site-id site-id

Configure  domain ID  in which the device is located:

vSmart(config-system)# domain-id domain-id

Configure the IP address of the vBond orchestrator or vBond DNS name

The vBond orchestrator's IP address should be a public IP address, so that all Viptela devices in the overlay network can reach it.

vSmart(config-system)# vbond (dns-name | ip-address)

Configure a time limit for confirming that a software upgrade is successful:

vSmart(config-system)# upgrade-confirm minutes

Change the password for the user "admin" whereas The default password is "admin

vSmart(config-system)# user admin password password

Configure an interface in VPN 0, over which an Internet or other WAN transport network can be connected and must be public IP address. This IP address can be configured as static or via DHCP.

vSmart(config)# vpn 0
vSmart(config-vpn-0)# interface interface-name
vSmart(config-interface)# (ip dhcp-client | ip address prefix /length)
vSmart(config-interface)# no shutdown
vSmart(config-interface)# tunnel-interface
vSmart(config-tunnel-interface)# allow-service netconf

To identify type of WAN transport Configure a color for the tunnel. Use the default color (default), but a more appropriate color, such as mpls or metro-ethernet, depending on the actual WAN transport can also be configured


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.