Cisco SDWAN on EVE-NG - Edges bring up.

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

hey folks welcome back this is joy and in this video we will start or in fact we'll continue with our Estevan discussion the agenda for this video is that we will start by installing the V edges right in the previous video we already installed the controllers we have also discussed how the whole estimate works and all of that so we will go about installing the VHS in this one I've already installed the br1 which you see on the screen right so I'm going to install only the br-2 in this video all right so I muscled I myself wanted to test if he works well so I went a went about installing the BR one earlier in the day so in this video you just see me installing the BR 2 you know edge router alright so yeah I think we are good the topology is pretty straightforward like how we have discussed before so that that's fine and I think we don't have to go through all that the first thing which I want to discuss in this video is you know the one of the prerequisite for you know this lap is going to be having a smart account so this is the smart account so I obviously can't show you the my personal semana con because it has some privets private information so I'm going to show you some of the screenshots so you go down to software or cisco.com you get this particular view right and you just scroll down over here and you and so I mean this is this is the whole screen right so you scroll down and you go to the that particular section which I'm highlighting you go down to you can you can the question use smart account you know by talking to your Cisco representative I'm just going to click on manage smart account because I already have one so under the management accounts you can you can create a lot of virtual accounts right where your actual devices are going to be tied to account properties is going to have information about your account I'm obviously not going to show you that because that's going to have all my credentials and information which I don't want to show it out on the you go down on the virtual account at if you can create any number of virtual accounts which are going to be tied for your bun bundle of devices right so that is something which you have to do create virtual accounts and again if you already have a smart account that's going to be like a piece of cake then go back to the screen go back to software notes this code can go back to the page and click on you know plug-and-play Connect right because that's where we'll be onboarding our devices so on there you will basically find a view of this sort right where you have to kind of first go about adding a profile right add a profile up there and then you have the devices section as well so first you go down to controller profiles you click on the add profile I think I have a screenshot for that as well so this is how it appears so under the three options you select on V bond right so once you do that you know you you your and then you go about just doing clicking next next right you basically end up getting your V bond profile my profile is called Estevan lab let's go down to your devices and add the devices if you want to add physical devices go down to add devices if you want to add virtual devices in my case we are adding VHS and CSR 1000v so we are basically going to go about you know adding software devices right so once you create add add the devices section you know you again I have to just put in some basic information like your organization name and all of that which we have done earlier so you click on all of that wait for a minute and all of the devices will appear you know as provisioned over here and you would be good to start right so once this this is done this task is done you go back to your profile reborn profile and you can download D so once once this provisioning is completed you can go back to the web on profile and you can like download the serial file right so you can go back to the ebon puffin download a serial file which you get here which will be visible on the right-hand side you don't have an option to download it and that we bond profile right the serial file will have a list of all the devices which has been provisioned for you and that you can use you will have to come and upload in your we manage dashboard which I will show in a minute for your lab to work properly right so that's that's something which I wanted to show now probably we can go back to the we manage dashboard right earlier you would have probably seen that we manage we bound and we smart appearing here and you also have a we edge appearing now because like I said I've already installed one VH the branch number one branch 101 right something which I've already installed so let's go down to devices right so here up on the devices on the devices you will basically how did I get this list of devices you get this only after uploading you know the van edge list right so I talked about how you can download that CDL fine so once you download that serial file you will have to come here and kind of upload it you know using that upload van edge list you know button right so here you come and upload it once you upload that list all these Vantage's will be visible for you okay so you can see one I have already used one of the vonage so that's why it is appearing with the you know host name the system IP and all of that is being synced up there which is good we will basically end up using the second one for our discussion now right so that is that what else do I want to show you guys here you can also kind of like bootstrap configuration like if you want to automate you know the bring up process of the edges you can you also have an option to do that the serial number which I highlighted you know is basically going to be the serial number associated with your certificate and once you on board the VH you know the token is gonna be replaced by that right so just to confirm we are doing br-2 now let's go back to BR to the the CLI let's try to login and what else let's check the V bond also I just want to show you guys how the list of V edges appear over over here so Orchestrator we I think valid wages I'm not wrong added edges or I miss something okay well it be a just my bad so there it was so these are all the V edges which are available for me to use you can see the first one has already been used right so you can see the serial number appearing there for rest of them you know the serial number is a huge chunk of digits right so as in when we provision each of these in my network it just gets converted into the serial number associated with the certificate of that BH so let's go back and let's go to settings because I want to show you something here as well before we actually start confirming the edge so under the settings if you see there is a section called van edge cloud certificate authorization right make sure that is an automated state because I think starting with the new versions of be managed or the whole Estevan we have this provision to make use of our we manage and self as T CA server right as a CA sorry CA Authority right so instead of for having an external Enterprise you can still use the manual way of doing it you can click on the edit and you know you can do you can switch it to manual but automated is a easier way right you don't have to generate that CSR and all of that which we did in the previous you know for controllers right we generated a CSR then we took that CSR request and we signed it using my CA Server Enterprise here server and then you know we went back to the devices and put it so all of that step is kind of removed because we managed can act as TCS ever for the edges CA operating for the Endo's now this is the generate you know bootstrap con which is talking about if you want to automate your stuff you can do it you know using this you can come and click you can see all the configuration gets automatically created for you the bootstrap configuration so you can like directly deploy this on a cloud and you know using this this particular file but we are going to obviously go the manual way for this particular way edge at least because I want to show you all the steps involved sorry this is rebound my bad switch to the edge yeah let's do the basic configuration like we have done before right nothing very complicated putting in the hostname I think it's PR 2 organization name put in that site ID it's 102 the be-bound IP is important commit it and let's go back and check the interface configuration you see we have Gigabit Ethernet 0 being used then we are gonna go and compete at the interface between zero let's put in an IP address very straightforward config wait what you have done in the earlier controllers as well so it's gonna be the same thing nothing fancy 1.10 2.2 it's going to be my address for this interface family interface is needed a low interface or a low service all because it has to form all the control connections with the V smart let's put the default gateway as my r1 internet router let's commit it I think I forgot the system name so no solid layer system IP that's within that it's going to be one zero two I believe yeah one zero two there you go committing it looks good what do we do next let's see if we have connectivity to my r1 yep my default gateway is good my we managed yep that looks good let's check to be bond yes that's good as well and we smart so once we have checked the connectivity now we are good to go with the next process which is mainly with the certificates so let's go to let's go to the let's go here and let's go to the wind SP let's create a new session to my VH the BR to SFTP session because we have to upload the root certificate right the CA will act the we manage will act as a root CA which is good but but we still need the root certificate to be imported on my BH so that's an extra step so this is the root certificate which I talked about right which we used in the previous lab as well and I'm using a local CA server so that's why that is zero certificate you can assay yes accept it and let's upload it I think it's somewhere over here yep I can see it let's drag it yepp that's been uploaded which is pretty good and now the next is we have to basically go and request it right so let's install this certificate which we just now imported install it should be in that home folder admin and I believe yep so that's their let's install it yep that's installed successfully great let's check if it if if the we manage basically did all the CSR part of it you know signing the signing this certificate yeah so there you go I have my sign the certificate issued by the we manage now which is good let's go and check if we have the readiness see you can see then we check the readiness of this particular node it's not yet ready you can see that there is no certificate validity but the reason is because we have to go to to go to be managed you can see here we have not activated this particular node that is why it still says it's not ready right so we have to activate this particular node using this particular chassis number and the token number so let's do that now let's request the VH cloud activate chassis number chassis number we have to copy it from the either you get this information for be bound or you can get it from here that's what the token so once we put the token we will have to again do the same thing go back and copy the token from there awesome that looks good now let's wait for this particular node to get activated oh that's weird should have activated by now let me see what would have gone wrong that's weird let me try again okay that's not expected that's weird did I screw up somewhere let me just pause the video for a minute just try to troubleshoot this okay so the issue was pretty simple I had earlier clicked on the bootstrap configuration right generate bootstrap so it had created the bootstrap configuration and you know as a result I could not provision it by using the token so I kind of went and just decommissioned the Vonage so I just basically that button right you will just have to go and click that and decommission the vonage basically resetting the Vonage and as a result you'll be issued a new token so now we will have to do the same process again basically when I say same process I have to run that same command which we ran earlier basically the request whatever I ran write the request command to activate the V NASCO yeah this one so the chassis is going to remain same I believe yep the chassis number I still see to be the same but I have a feeling the token number would have changed so we will have to run that with the new token number let's do that so let's copy the new token number which got generated right so this obviously will not have this if you are doing it on your lab because like I said I just clicked on that generate bootstrap config and as a result you know it had already generated the bootstrap so once it generates the bootstrap you can't redo the process right so I had to decommission the Vantage and do it again okay so probably takes a bit of time it still not applicable maybe let's wait for a second okay let's refresh this okay let's well that refreshes it's come here yep now you see it's installed so yeah it takes a bit of time maybe a few seconds or a minute or so and it's valid now it looks good you can also check here see here also you can see the serial number reflecting the hexadecimal CL number is reflecting here and that that's a good sign so when it's activated the token number is replaced by the serial number right so we have activated two let's also check the certificate I want to show you where you can see the accessible number here you see if you see the show certificate installed you can see the excited small number that's the same number which you see up here right so that's how you can validate that this particular license or this particular yeah this basically that license basically belongs to this BR too great so we got that covered small to the last part so that's that that looks good that's more than the last part of the discussion here that that looks good okay so that's the serial number let me see what what else do we have this is done the decommissioning and I've talked about that is there anything else then we just recollect so so these are the token numbers which appear to be unused we'll probably use it in the next set of labs okay so let's go back here and do some verification so show control let's check the show control connections right so you can see the connections to be smart to me bond and we managed now all our DTLS connections right this will appear only after you know your V edge has been activated you can see in the V bond as well the previous output had only one of the VH activated but now if you run the same output again you will see there will be two devices which are activated one and two right so we have two V edges up and running you can also see the control connections here you can see there are two voyages just remember in this video we just activated one VH but there was another wheels which I had activated way before this radio so that's why you see two of them we did not activate to VHS in this video and we'll also go down to my dashboard to see you can see there are two we are just appearing here the control connections as well let's click on this three it's taking a bit of time it's very resource-intensive I'd say this particular lab needs a lot of RAM let's see again yep there you go so we have two branches and two branch edges and we have the V smart great guy so I think we have finished what we set out to do so this is what we did we enable the br-2 we have already done the controllers in the previous lab you just enabled VR - so we have a pretty good understanding now about how to on board your Estevan setup right thanks for watching guys and don't you name for more videos in the future thanks again

Info

Channel: BitsPlease

Views: 2,387

Rating: undefined out of 5

Keywords: cisco, sdwan, viptela, vedge, eve-ng, ccie

Id: qfPnG_OfBfo

Channel Id: undefined

Length: 23min 26sec (1406 seconds)

Published: Fri May 01 2020