Creating SD-WAN controller profiles and custom templates

Before you can create VPCs or VNets in the Wired portal, you must create a customer profile and custom templates in the Cisco and VMware SD-WAN controller products.

Creating custom templates in the Cisco SD-WAN controller

In the Cisco SD-WAN controller product, that is, the Cisco vManage portal, complete the following steps:
  1. Create a custom VPN 0 template.
    1. In the main menu, click Configuration > Templates.
    2. In the templates page, create a feature template.
    3. Select the vEdge Cloud device and the VPN template.
    4. In the template details, add a meaningful name and description.
    5. In the IPv4 route settings, create a route.
    6. Set the prefix to 0.0.0.0/0.
    7. Set the gateway to Next Hop and add a next hop.
    8. In the next hop address setting, choose a device-specific scope and set the address key to vpn_next_hop_ip_address_0.
    9. Add the hop and save the template.
  2. Create a custom VPN 0 interface template.
    1. In the main templates page, create another feature template.
    2. Select the vEdge Cloud device and the VPN Interface Ethernet (WAN) template.
    3. In the template details, add a meaningful name and description.
    4. Configure the basic settings. For each setting where a scope applies, choose a global scope, then configure the setting.
      • In the shutdown setting, disable shutdowns.
      • In the interface name setting, set the name to ge0/0.
      • In the IPv4 section, choose the dynamic configuration.
    5. Configure these tunnel settings. For each setting, choose a global scope, then configure the setting.
      • In the tunnel interface setting, enable the interface.
      • In the color setting, set the color to public-internet.
      • In the restriction setting, disable restrictions.
      • In the control connections setting, set the maximum number to 4.
    6. Configure these service allowance settings. For each setting, choose a global scope, then configure the setting.
      • In the SSH service setting, allow the service.
      • In the advanced options, in the IPsec service setting, allow the service.
    7. In the network address translation (NAT) setting, choose a global scope and enable NAT.
    8. In the 802.1X protocol setting, choose a global scope and disable global 802.1X authentication.
    9. Save the template.
  3. Create a custom VPN 512 interface template.
    1. In the main templates page, create another feature template.
    2. Select the vEdge Cloud device and the VPN Interface Ethernet (Management) template.
    3. In the template details, add a meaningful name and description.
    4. Configure the basic settings. For each setting where a scope applies, choose a global scope, then configure the setting.
      • In the shutdown setting, disable shutdowns.
      • In the interface name setting, set the name to eth0.
      • In the IPv4 section, choose the dynamic configuration.
    5. Save the template.
  4. Create a custom service VPN template.
    1. In the main templates page, create another feature template.
    2. Select the vEdge Cloud device and the VPN template.
    3. In the template details, add a meaningful name and description.
    4. In the basic configuration settings, set the VPN identifier to 10.
    5. Configure these settings for route advertisements to the overlay management protocol (OMP).
      • Enable the advertising of static IPv4 routes.
      • Enable the advertising of connected IPv4 routes.
    6. Configure the IPv4 route settings.
      1. Create a route and set the prefix to 0.0.0.0/0.
      2. Set the gateway to Next Hop and add a next hop.
      3. In the next hop address setting, choose a device-specific scope and set the address key to service_vpn_next_hop_ip_address_0.
      4. Add the hop and save the template.
  5. Create a custom service VPN interface template.
    1. In the main templates page, create another feature template.
    2. Select the vEdge Cloud device and the VPN Interface Ethernet (LAN) template.
    3. In the template details, add a meaningful name and description.
    4. Configure these basic settings.
      • In the shutdown setting, choose a global scope and disable shutdowns.
      • In the interface name setting, choose a global scope and set the name to ge0/1.
      • In the IPv4 section, choose the static configuration.
      • In the IPv4 address setting, choose a device-specific scope and set the address key to vpn_if_ipv4_address.
    5. Configure these advanced settings. For each setting, choose a global scope, then configure the setting.
      • Set the global maximum transmission unit (MTU) size of IP packets to 1400.
      • Set the global maximum segment size (MSS) of TPC SYN packets to 1360.
    6. Save the template.
  6. Create a custom device template.
    1. In the main templates page, create a device template and select the From Feature Template creation option.
    2. Select the vEdge Cloud device and the SDWAN Edge device role.
    3. In the template details, add a meaningful name and description.
    4. In the basic configuration settings, set each template to the factory default template.
    5. Configure the transport and management VPN settings.
      • Set the VPN 0 template to the template that you created in step 1.
      • Set the VPN Interface template to the template that you created in step 2.
      • Set the VPN 512 template to the factory default template.
      • Add another VPN 512 template and select the template that you created in step 3.
    6. Configure the service VPN settings.
      • Add a VPN and select the template that you created in step 4.
      • Click Next.
      • Click the additional VPN interface template and select the template that you created in step 5.
      • Add the VPN and save the template.
  7. Retrieve the custom device template ID. You need this ID when you create template data for the Cisco SD-WAN controller in Site Planner.
    1. In the main templates page, locate the list of device templates.
    2. View the device template that you created in step 6.
    3. In your browser's address bar, retrieve the ID by copying the portion of the template's URL that follows .../template/device/feature/view/.

      For example, if the template's URL is https://www.ibm-emea-vmanage.viptela.net/#/app/config//template/device/feature/view/c0b22c52-47de-4721-841d-2918f1c7f9a2, the template ID is c0b22c52-47de-4721-841d-2918f1c7f9a2.

Creating a profile in the VMWare SD-WAN controller

In the VMWare SD-WAN controller product, that is, the VMware Cloud Orchestrator portal, complete the following steps:
  1. In the customers page, click your customer name.
  2. In the configuration page, in the profile tab, create a profile by copying the quick-start profile.
  3. In the device tab, in the connectivity section, open the VLAN settings.
  4. Configure the VLAN settings.
    1. In the general settings, click the ICMP Echo Response option and clear the DNS Proxy option.
    2. In the IPv4 settings, set the IPv4 DHCP server type to Deactivated.
    3. Save your changes.
  5. In the device tab, in the connectivity section, open the interface settings.
  6. Configure the interface settings.
    1. Ensure that Virtual Edge is the only edge model.
    2. Disable the GE1 interface.
    3. In the GE2 interface settings, set the capability to Routed and save your changes.
    4. Configure the GE3 interface settings.
      • Set the capability to Switched.
      • Set the switch port mode to Access Port.
      • Set the switch port VLANs to 1-Corporate and save your changes.
    5. Disable all interfaces from GE4 onwards.
  7. In the device tab, in the VPN services section, enable cloud VPN services.
  8. Enable the branch-to-branch VPN service and configure its settings.
    1. Enable the service only for cloud gateways.
    2. Enable dynamic branch-to-branch VPN to all edges.
  9. Leave all other values unchanged and save the profile.
  10. Retrieve the profile ID. You need this ID when you create template data for the VMWare SD-WAN controller in Site Planner.
    1. In the configuration page, in the profile tab, open the profile that you created.
    2. In your browser's address bar, retrieve the ID by copying the portion of the profile's URL that follows .../sd-wan/configure/profiles/.

      For example, if the profile's URL is https://www.vco22-fra1.velocloud.net/ui/msp/customers/1169/sd-wan/configure/profiles/30016, the profile ID is 30016.