EMAIL SUPPORT

dclessons@dclessons.com

LOCATION

NZ

vEdge BringUP by ZTP Process

vEdge BringUP by ZTP Process

Posted on Jan 27, 2020 (0)

vEdge BringUP by ZTP Process

Task: Perform the Following task based on the information given below.

  • Once these Templates are configured on vManage, Simulate the ZTP by attaching this Centralized template to BR2-vEDGE1 Router.
  • Enable the Shut down the WAN interface and configure the vEdge Host name by console “BR2-vEDGE1
  • Check the Rollback configuration to note latest configuration index for backup.

For CSV file use following Values:

Topology:

Solution:

Access the BR2-Edge1 via Console and bring the device UP. Configure its Host name and run the rollback configuration to see the latest configuration.

But Before ZTP starts lets access the vEdge and verify the configuration:

vedge# sh run
system
host-name vedge
admin-tech-on-failure
no route-consistency-check
vbond ztp.viptela.com
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
user admin
password $6$siwKBQ==$wT2lUa9BSreDPI6gB8sl4E6PAJoVXgMbgv/whJ8F1C6sWdRazdxorYYTLrL6syiG6qnLABTnrE96HJiKF6QRq1
!
!
logging
disk
enable
!
!
!
bfd app-route poll-interval 5000
omp
no shutdown
ecmp-limit 8
graceful-restart
advertise connected
advertise static
!
security
ipsec
authentication-type sha1-hmac ah-sha1-hmac
!
!
snmp
no shutdown
view public
oid 1.3.6.1
!
!
banner
login "Cisco SD-WAN/Viptela dCloud Demo V2"
!
vpn 0
interface ge0/0
ip dhcp-client
tunnel-interface
encapsulation ipsec
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
no allow-service sshd
no allow-service netconf
allow-service ntp
no allow-service ospf
allow-service stun
!
shutdown
!
!
vpn 512
interface eth0
ip address 198.18.134.106/18
no shutdown
!
ip route 0.0.0.0/0 198.18.128.1
!
vedge#

Now we will start configuring the feature and then device template.

Go to Configuration | template | Feature | Add Template | Select System | vEdge Cloud


Fill the following details as per figure shown:

Go to Configuration | template | Feature | Add Template | Select OMP | vEdge Cloud

Fill the following details as per figure shown:

Go to Configuration | template | Feature | Add Template | Select BFD | vEdge Cloud

Fill the following details as per figure shown

Go to Configuration | template | Feature | Add Template | Select VPN | vEdge Cloud

Fill the following details as per figure shown:

Here Next Hop IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Here IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN | vEdge Cloud

Here Next Hop IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Here IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN | vEdge Cloud

Fill the following details as per figure shown:

Go to Configuration | template | Feature | Add Template | Select OSPF | vEdge Cloud

Fill the following details as per figure shown

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Fill the following details as per figure shown and Here IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN | vEdge Cloud

Fill the following details as per figure shown:

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Fill the following details as per figure shown and Here IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Go to Configuration | template | Feature | Add Template | Select VPN | vEdge Cloud

Fill the following details as per figure shown:

Go to Configuration | template | Feature | Add Template | Select VPN Interface | vEdge Cloud

Fill the following details as per figure shown and Here IP is shown configured, if you are not using CSV file than use this method Else you need to fill the CSV file Header options. The details of CSV file are also given in task.

Now once Feature template is configured, Configure Device template.

Go to Configuration | template | Device | Create Template | Select From feature Template

Select all the feature Template and Default Template based on below Figure

Once Device Template is ready, Select the Chassis and at right Corner dots select attach the Device template, Select the Chassis ID and Select the Right Arrow and finally attach.

Once you do that , It will not fully attach Select the Chassis number of your vEdge Cloud Router and at right corner three dots , edit to select the Edit the device template , this will show that some options are not configured still.

Now Select the Upload option and Select the CSV file and upload

Once Done, Select the Chassis Number and then Select the Configure Devices

Go to BR2-vEdge1 Console and No shut the VPN 0 interface, once it is done, you will see that no of vEdge has been increased from 6 to 7 and vManage has configured the BR2-vEdge1 Device.

Once this is done, you can now see the new vEdge at vManage and it is fully configured from vManage only.

Now Lets see the CLI configuration of vEdge after ZTP Process:

BR2-VEDGE1# sh run
system
host-name BR2-VEDGE1
gps-location latitude 32.79
gps-location longitude -96.77
system-ip 10.4.0.1
site-id 400
admin-tech-on-failure
no route-consistency-check
sp-organization-name "Cisco Sy1 - 19968"
organization-name "Cisco Sy1 - 19968"
vbond vbond.cisco.com
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
user admin
password $6$siwKBQ==$wT2lUa9BSreDPI6gB8sl4E6PAJoVXgMbgv/whJ8F1C6sWdRazdxorYYTLrL6syiG6qnLABTnrE96HJiKF6QRq1
!
!
logging
disk
enable
!
!
!
bfd app-route poll-interval 5000
omp
no shutdown
ecmp-limit 8
graceful-restart
advertise connected
advertise static
!
security
ipsec
authentication-type sha1-hmac ah-sha1-hmac
!
!
snmp
no shutdown
view public
oid 1.3.6.1
!
!
banner
login "Cisco SD-WAN/Viptela dCloud Demo V2"
!
vpn 0
host vbond.cisco.com ip 198.18.1.11 198.18.1.21
interface ge0/0
ip dhcp-client
nat
!
tunnel-interface
encapsulation ipsec
color biz-internet
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
no allow-service sshd
no allow-service netconf
allow-service ntp
no allow-service ospf
allow-service stun
!
no shutdown
qos-map WAN-QOS
!
interface ge0/1
ip address 172.16.4.2/30
tunnel-interface
encapsulation ipsec
color mpls restrict
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
no allow-service sshd
no allow-service netconf
no allow-service ntp
no allow-service ospf
no allow-service stun
!
no shutdown
qos-map WAN-QOS
!
ip route 0.0.0.0/0 172.16.4.1
!
vpn 10
router
ospf
default-information originate
timers spf 200 1000 10000
redistribute omp
route-policy denyInfraRoutes in
area 0
interface ge0/2
exit
exit
!
!
interface ge0/2
ip address 10.4.254.10/24
no shutdown
arp-timeout 60
access-list LAN-Classification in
!
omp
advertise ospf external
!
!
vpn 20
interface ge0/3
ip address 10.4.20.1/24
no shutdown
arp-timeout 60
access-list VPN20-BizData in
!
!
vpn 40
interface ge0/4
ip address 10.4.40.1/24
no shutdown
access-list GuestWiFi in
!
ip route 0.0.0.0/0 vpn 0
!
vpn 512
interface eth0
ip address 198.18.134.106/18
no shutdown
!
ip route 0.0.0.0/0 198.18.128.1
!
policy
app-visibility
flow-visibility
cloud-qos
cloud-qos-service-side
lists
prefix-list InfrastructureRoutes
ip-prefix 100.0.0.0/8 le 32
ip-prefix 172.0.0.0/8 le 32
!
!
route-policy denyInfraRoutes
sequence 10
match
address InfrastructureRoutes
!
action reject
!
!
default-action accept
!
class-map
class VOICE queue 0
class VIDEO queue 1
class BIZ-DATA queue 2
class BEST-EFFORT queue 3
!
access-list GuestWiFi
sequence 10
action accept
class BEST-EFFORT
!
!
default-action accept
!
access-list LAN-Classification
sequence 10
match
dscp 46
!
action accept
class VOICE
!
!
sequence 20
match
dscp 34
!
action accept
class VIDEO
!
!
sequence 30
match
dscp 26
!
action accept
class BIZ-DATA
!
!
sequence 40
action accept
class BEST-EFFORT
!
!
default-action accept
!
access-list VPN20-BizData
sequence 10
action accept
class BIZ-DATA
!
!
default-action accept
!
qos-scheduler besteffort_scheduler
class BEST-EFFORT
bandwidth-percent 5
buffer-percent 5
drops red-drop
!
qos-scheduler bizdata_scheduler
class BIZ-DATA
bandwidth-percent 50
buffer-percent 50
drops red-drop
!
qos-scheduler video_scheduler
class VIDEO
bandwidth-percent 30
buffer-percent 30
!
qos-scheduler voice_scheduler
class VOICE
bandwidth-percent 15
buffer-percent 15
scheduling llq
!
qos-map WAN-QOS
qos-scheduler besteffort_scheduler
qos-scheduler bizdata_scheduler
qos-scheduler video_scheduler
qos-scheduler voice_scheduler
!
!
BR2-VEDGE1#

Now revert the configuration, by doing rollback and select the Version number which was there at time of ZTP. See the below figure

Now you will see that bR2-vEdge1 is back to its initial configuration and its VPN 0 interface is shutdown.


Comment

    You are will be the first.

LEAVE A COMMENT

Please login here to comment.