Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

Configure the vManage NMS

Once you have set up and started the virtual machines (VMs) for the vManage NMSs, they come up with a factory-default configuration. You then configure each vManage NMS directly from the vManage server itself, by creating a device configuration template, so that the vManage NMS can be authenticated and verified and can join the overlay network. At a minimum, you must configure the IP address of your network's vBond orchestrator, the device's system IP address, and a tunnel interface in VPN 0 to use for exchanging control traffic among the network controller devices (the vBond, vManage, and vSmart devices).

For the overlay network to be operational and for the vManage NMSs to participate in the overlay network, you must do the following:

  • Configure a tunnel interface on at least one interface in VPN 0. This interface must connect to a WAN transport network that is accessible by all Viptela devices. VPN 0 carries all control plane traffic among the Viptela devices in the overlay network.
  • Ensure that the Overlay Management Protocol (OMP) is enabled. OMP is the protocol responsible for establishing and maintaining the Viptela control plane. OMP is enabled by default, and you cannot disable it. If you edit the configuration from the CLI, do not remove the omp configuration command.

Note: For a vManage cluster, you must configure each vManage NMS in the cluster individually, from that vManage server itself. You cannot create a vManage configuration template on one vManage server and attach other vManage NMSs to that device template.

Configure the vManage NMS with a Device Configuration Template

To configure the vManage NMS, create a device configuration template:

  1. Configure the address of the vBond orchestrator:
    1. Select the Administration ► Settings screen.
    2. Click the Edit button to the right of the vBond bar.
    3. In the vBond DNS/IP Address: Port field, enter the DNS name that points to the vBond orchestrator or the IP address of the vBond orchestrator and the port number to use to connect to it.
    4. Click Save.
  2. In vManage NMS, select the Configuration ► Templates screen.
  3. In the Device tab, click Create Template.
  4. From the Create Template drop-down, select From Feature Template.
  5. From the Device Model drop-down, select vManage. vManage NMS displays all the feature templates for configuring a vManage NMS. The required feature templates are indicated with an asterisk (*), and the remaining templates are optional. The factory-default template for each feature is selected by default.
  6. In the Template Name field, enter a name for the device template. This field is mandatory and can contain only uppercase and lowercase letters, the digits 0 through 9, hyphens (-), and underscores (_). It cannot contain spaces or any other characters.
  7. In the Description field, enter a description for the device template. This field is mandatory, and it can contain any characters and spaces.
  8. In the System feature template, configure the Site ID, System IP Address, Hostname, Location, Timezone, and GPS Location.
  9. In the AAA feature template, in the Local tab, click Users, and change the password for the user "admin."
  10. In the VPN feature template, select VPN 0 and configure the system IP address and the address or hostname of a DNS server. If necessary, click the Route tab and add a static route.
  11. If you need to add a static route in VPN 512, in a second VPN feature template, select VPN 512, click the Route tab, and add the static route.
  12. In the VPN-Interface-Ethernet feature template, configure the interface in VPN 0 to use as a tunnel interface to connect to the WAN transport network. In Shutdown, click No, enter the Interface Name, and assign the interface either a dynamic or static address. In the Interface Tunnel tab, in Tunnel Interface, click On. Then assign a color to the tunnel interface, and select the desired services to allow on the tunnel.

Note: You must configure a tunnel interface on at least one interface in VPN 0 for the overlay network to come up and for the vManage NMS to be able to participate in the overlay network. This interface must connect to a WAN transport network that is accessible by all Viptela devices. VPN 0 carries all control plane traffic among the Viptela devices in the overlay network.

  1. In a second VPN-Interface-Ethernet feature template, configure the interface to use as the management interface in VPN 512. In Shutdown, click No, enter the Interface Name, and assign the interface either a dynamic or static address.
  2. In the Security feature template, configure the control plane protocol.
  3. Optionally, modify the default Archive, Banner, Logging, NTP, and SNMP feature templates. Use the Banner template to configure MOTD and login banners that are displayed when you log in to the device through the CLI. To create a login banner that is displayed when you log in to the vManage server, select Administration ► Settings ► Banner.
  4. Click Create. The new configuration template is displayed in the Device Template table. The Feature Templates column shows the number of feature templates that are included in the device template, and the Type column shows "Feature" to indicate that the device template was created from a collection of feature templates.
  5. In the Device Template table, locate the desired device template.
  6. Click the More Actions icon to the right of the row, and select Attach Devices.
  7. In the Attach Devices box, select the local vManage NMS from the Available Devices list, and click the right-pointing arrow to move it to the Selected Devices box.
  8. Click Attach.

Sample CLI Configuration

Below is an example of a simple vManage NMS configuration. Note that this configuration includes a number of settings from the factory-default configuration and shows a number of default configuration values.

vManage# show running-config 
system
 host-name         vManage
 gps-location latitude 40.7127837
 gps-location longitude -74.00594130000002
 system-ip         172.16.255.22
 site-id           200
 organization-name "Viptela Inc"
 clock timezone America/Los_Angeles
 vbond 10.1.14.14
 aaa
  auth-order local radius tacacs
  usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  user admin
   password encrypted-password
  !
 !
 logging
  disk
   enable
  !
 !
!
snmp
 no shutdown
 view v2
  oid 1.3.6.1
 !
 community private
  view          v2
  authorization read-only
 !
 trap target vpn 0 10.0.1.1 16662
  group-name     Viptela
  community-name private
 !
 trap group test
  all
   level critical major minor
  exit
 exit
!
vpn 0
 interface eth1
  ip address 10.0.12.22/24
  tunnel-interface
   color public-internet
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   allow-service netconf
   no allow-service ntp
   no allow-service stun
   allow-service https
  !
  no shutdown
 !
 ip route 0.0.0.0/0 10.0.12.13
!
vpn 512
 interface eth0
  ip 172.16.14.145/23
  no shutdown
 !
 ip route 0.0.0.0/0 172.16.14.1
!
  • Was this article helpful?