Creating SD-WAN controller profiles and custom templates
Before you can create VPCs or VNets in the Wired portal, you must create a customer profile and custom templates in the Cisco and VMware SD-WAN controller products.
Creating custom templates in the Cisco SD-WAN controller
In the Cisco SD-WAN controller product, that is, the Cisco vManage portal, complete the following steps:
- Create a custom VPN 0 template.
- In the main menu, click Configuration > Templates.
- In the templates page, create a feature template.
- Select the vEdge Cloud device and the VPN template.
- In the template details, add a meaningful name and description.
- In the IPv4 route settings, create a route.
- Set the prefix to 0.0.0.0/0.
- Set the gateway to Next Hop and add a next hop.
- In the next hop address setting, choose a device-specific scope and set the address key to vpn_next_hop_ip_address_0.
- Add the hop and save the template.
- Create a custom VPN 0 interface template.
- In the main templates page, create another feature template.
- Select the vEdge Cloud device and the VPN Interface Ethernet (WAN) template.
- In the template details, add a meaningful name and description.
- Configure the basic settings. For each setting where a scope applies, choose a global scope,
then configure the setting.
- In the shutdown setting, disable shutdowns.
- In the interface name setting, set the name to ge0/0.
- In the IPv4 section, choose the dynamic configuration.
- Configure these tunnel settings. For each setting, choose a global scope, then configure the setting.
- In the tunnel interface setting, enable the interface.
- In the color setting, set the color to public-internet.
- In the restriction setting, disable restrictions.
- In the control connections setting, set the maximum number to 4.
- Configure these service allowance settings. For each setting, choose a global scope, then
configure the setting.
- In the SSH service setting, allow the service.
- In the advanced options, in the IPsec service setting, allow the service.
- In the network address translation (NAT) setting, choose a global scope and enable NAT.
- In the 802.1X protocol setting, choose a global scope and disable global 802.1X authentication.
- Save the template.
- Create a custom VPN 512 interface template.
- In the main templates page, create another feature template.
- Select the vEdge Cloud device and the VPN Interface Ethernet (Management) template.
- In the template details, add a meaningful name and description.
- Configure the basic settings. For each setting where a scope applies, choose a global scope,
then configure the setting.
- In the shutdown setting, disable shutdowns.
- In the interface name setting, set the name to eth0.
- In the IPv4 section, choose the dynamic configuration.
- Save the template.
- Create a custom service VPN template.
- In the main templates page, create another feature template.
- Select the vEdge Cloud device and the VPN template.
- In the template details, add a meaningful name and description.
- In the basic configuration settings, set the VPN identifier to 10.
- Configure these settings for route advertisements to the overlay management protocol (OMP).
- Enable the advertising of static IPv4 routes.
- Enable the advertising of connected IPv4 routes.
- Configure the IPv4 route settings.
- Create a route and set the prefix to 0.0.0.0/0.
- Set the gateway to Next Hop and add a next hop.
- In the next hop address setting, choose a device-specific scope and set the address key to service_vpn_next_hop_ip_address_0.
- Add the hop and save the template.
- Create a custom service VPN interface template.
- In the main templates page, create another feature template.
- Select the vEdge Cloud device and the VPN Interface Ethernet (LAN) template.
- In the template details, add a meaningful name and description.
- Configure these basic settings.
- In the shutdown setting, choose a global scope and disable shutdowns.
- In the interface name setting, choose a global scope and set the name to ge0/1.
- In the IPv4 section, choose the static configuration.
- In the IPv4 address setting, choose a device-specific scope and set the address key to vpn_if_ipv4_address.
- Configure these advanced settings. For each setting, choose a global scope, then configure the setting.
- Set the global maximum transmission unit (MTU) size of IP packets to 1400.
- Set the global maximum segment size (MSS) of TPC SYN packets to 1360.
- Save the template.
- Create a custom device template.
- In the main templates page, create a device template and select the From Feature Template creation option.
- Select the vEdge Cloud device and the SDWAN Edge device role.
- In the template details, add a meaningful name and description.
- In the basic configuration settings, set each template to the factory default template.
- Configure the transport and management VPN settings.
- Set the VPN 0 template to the template that you created in step 1.
- Set the VPN Interface template to the template that you created in step 2.
- Set the VPN 512 template to the factory default template.
- Add another VPN 512 template and select the template that you created in step 3.
- Configure the service VPN settings.
- Add a VPN and select the template that you created in step 4.
- Click Next.
- Click the additional VPN interface template and select the template that you created in step 5.
- Add the VPN and save the template.
- Retrieve the custom device template ID. You need this ID when you create template data for the
Cisco SD-WAN controller in Site Planner.
- In the main templates page, locate the list of device templates.
- View the device template that you created in step 6.
- In your browser's address bar, retrieve the ID by copying the portion of the template's URL that
follows
.../template/device/feature/view/
.For example, if the template's URL is
https://www.ibm-emea-vmanage.viptela.net/#/app/config//template/device/feature/view/c0b22c52-47de-4721-841d-2918f1c7f9a2
, the template ID isc0b22c52-47de-4721-841d-2918f1c7f9a2
.
Creating a profile in the VMWare SD-WAN controller
In the VMWare SD-WAN controller product, that is, the VMware Cloud Orchestrator portal, complete the following steps:
- In the customers page, click your customer name.
- In the configuration page, in the profile tab, create a profile by copying the quick-start profile.
- In the device tab, in the connectivity section, open the VLAN settings.
- Configure the VLAN settings.
- In the general settings, click the ICMP Echo Response option and clear the DNS Proxy option.
- In the IPv4 settings, set the IPv4 DHCP server type to Deactivated.
- Save your changes.
- In the device tab, in the connectivity section, open the interface settings.
- Configure the interface settings.
- Ensure that Virtual Edge is the only edge model.
- Disable the GE1 interface.
- In the GE2 interface settings, set the capability to Routed and save your changes.
- Configure the GE3 interface settings.
- Set the capability to Switched.
- Set the switch port mode to Access Port.
- Set the switch port VLANs to 1-Corporate and save your changes.
- Disable all interfaces from GE4 onwards.
- In the device tab, in the VPN services section, enable cloud VPN services.
- Enable the branch-to-branch VPN service and configure its settings.
- Enable the service only for cloud gateways.
- Enable dynamic branch-to-branch VPN to all edges.
- Leave all other values unchanged and save the profile.
- Retrieve the profile ID. You need this ID when you create template data for the VMWare SD-WAN controller in Site Planner.
- In the configuration page, in the profile tab, open the profile that you created.
- In your browser's address bar, retrieve the ID by copying the portion of the profile's URL that
follows
.../sd-wan/configure/profiles/
.For example, if the profile's URL is
https://www.vco22-fra1.velocloud.net/ui/msp/customers/1169/sd-wan/configure/profiles/30016
, the profile ID is30016
.