Once you have set up and started the virtual machines (VMs) for the vManage NMSs, they come up with a factory-default configuration. You then configure each vManage NMS directly from the vManage server itself, by creating a device configuration template, so that the vManage NMS can be authenticated and verified and can join the overlay network. At a minimum, you must configure the IP address of your network's vBond orchestrator, the device's system IP address, and a tunnel interface in VPN 0 to use for exchanging control traffic among the network controller devices (the vBond, vManage, and vSmart devices).
For the overlay network to be operational and for the vManage NMSs to participate in the overlay network, you must do the following:
- Configure a tunnel interface on at least one interface in VPN 0. This interface must connect to a WAN transport network that is accessible by all Viptela devices. VPN 0 carries all control plane traffic among the Viptela devices in the overlay network.
- Ensure that the Overlay Management Protocol (OMP) is enabled. OMP is the protocol responsible for establishing and maintaining the Viptela control plane. OMP is enabled by default, and you cannot disable it. If you edit the configuration from the CLI, do not remove the omp configuration command.
Note: For a vManage cluster, you must configure each vManage NMS in the cluster individually, from that vManage server itself. You cannot create a vManage configuration template on one vManage server and attach other vManage NMSs to that device template.
Configure the vManage NMS with a Device Configuration Template
To configure the vManage NMS, create a device configuration template:
- Configure the address of the vBond orchestrator:
- Select the Administration ► Settings screen.
- Click the Edit button to the right of the vBond bar.
- In the vBond DNS/IP Address: Port field, enter the DNS name that points to the vBond orchestrator or the IP address of the vBond orchestrator and the port number to use to connect to it.
- Click Save.
- In vManage NMS, select the Configuration ► Templates screen.
- In the Device tab, click Create Template.
- From the Create Template drop-down, select From Feature Template.
- From the Device Model drop-down, select vManage. vManage NMS displays all the feature templates for configuring a vManage NMS. The required feature templates are indicated with an asterisk (*), and the remaining templates are optional. The factory-default template for each feature is selected by default.
- In the Template Name field, enter a name for the device template. This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.
- In the Description field, enter a description for the device template. This field is mandatory, and it can contain any characters and spaces.
- In the System feature template, configure the Site ID, System IP Address, Hostname, Location, Timezone, and GPS Location.
- In the AAA feature template, in the Local tab, click Users, and change the password for the user "admin."
- In the VPN feature template, select VPN 0 and configure the system IP address and the address or hostname of a DNS server. If necessary, click the Route tab and add a static route.
- If you need to add a static route in VPN 512, in a second VPN feature template, select VPN 512, click the Route tab, and add the static route.
- In the VPN-Interface-Ethernet feature template, configure the interface in VPN 0 to use as a tunnel interface to connect to the WAN transport network. In Shutdown, click No, enter the Interface Name, and assign the interface either a dynamic or static address. In the Interface Tunnel tab, in Tunnel Interface, click On. Then assign a color to the tunnel interface, and select the desired services to allow on the tunnel.
Note: You must configure a tunnel interface on at least one interface in VPN 0 for the overlay network to come up and for the vManage NMS to be able to participate in the overlay network. This interface must connect to a WAN transport network that is accessible by all Viptela devices. VPN 0 carries all control plane traffic among the Viptela devices in the overlay network.
- In a second VPN-Interface-Ethernet feature template, configure the interface to use as the management interface in VPN 512. In Shutdown, click No, enter the Interface Name, and assign the interface either a dynamic or static address.
- In the Security feature template, configure the control plane protocol.
- Optionally, modify the default Archive, Banner, Logging, NTP, and SNMP feature templates. Use the Banner template to configure MOTD and login banners that are displayed when you log in to the device through the CLI. To create a login banner that is displayed when you log in to the vManage server, select Administration ► Settings ► Banner.
- Click Create. The new configuration template is displayed in the Device Template table. The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.
- In the Device Template table, locate the desired device template.
- Click the More Actions icon to the right of the row, and select Attach Devices.
- In the Attach Devices box, select the local vManage NMS from the Available Devices list, and click the right-pointing arrow to move it to the Selected Devices box.
- Click Attach.
Sample CLI Configuration
Below is an example of a simple vManage NMS configuration. Note that this configuration includes a number of settings from the factory-default configuration and shows a number of default configuration values.
vManage# show running-config system host-name vManage gps-location latitude 40.7127837 gps-location longitude -74.00594130000002 system-ip 172.16.255.22 site-id 200 organization-name "Viptela Inc" clock timezone America/Los_Angeles vbond 10.1.14.14 aaa auth-order local radius tacacs usergroup basic task system read write task interface read write ! usergroup netadmin ! usergroup operator task system read task interface read task policy read task routing read task security read ! user admin password encrypted-password ! ! logging disk enable ! ! ! snmp no shutdown view v2 oid 22.214.171.124 ! community private view v2 authorization read-only ! trap target vpn 0 10.0.1.1 16662 group-name Viptela community-name private ! trap group test all level critical major minor exit exit ! vpn 0 interface eth1 ip address 10.0.12.22/24 tunnel-interface color public-internet allow-service dhcp allow-service dns allow-service icmp no allow-service sshd allow-service netconf no allow-service ntp no allow-service stun allow-service https ! no shutdown ! ip route 0.0.0.0/0 10.0.12.13 ! vpn 512 interface eth0 ip 172.16.14.145/23 no shutdown ! ip route 0.0.0.0/0 172.16.14.1 !