Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

Settings

Use the Settings screen to configure your organization name, vBond orchestrator's DNS/IP address, certificate authorization settings, and to install a web server certificate.

Screen Elements

  • Top bar—On the left are the menu icon, for expanding and collapsing the vManage menu, and the vManage product name. On the right are a number of icons and the user profile drop-down.
  • Title bar—Includes the title of the screen, Settings.
  • Organization Name bar—Click View to view the organization name or Edit to edit the name.
  • vBond bar—Click View to view the vBond DNS/IP address or Edit to enter new values.
  • Certificate Authorization bar—Click View to view the certificate authorization settings or Edit to edit the settings.
  • vEdge Cloud Certificate Authorization bar—Click View to view the vEdge Cloud certification authorization setting or Edit to edit the setting.
  • Web Server Certificate bar—Click CSR to generate a Certificate Signing Request (CSR) for a web server certificate or Certificate to install the certificate.
  • Enforce Software Version bar—Click View to view the software version enforced on a vEdge router or Edit to enforce a software version on the router.
  • Banner bar—Click View to view the custom banner on the vManage login screen or Edit to edit or create a custom banner.
  • Statistics Setting bar—Click View to view the current settings for collecting device statistics or Edit to edit the settings.
  • CloudExpress bar—Click View to view the current settings for CloudExpress service or Edit to edit the settings.
  • vAnalytics bar—Click View to view the current settings for the vAnalytics platform or Edit to edit the settings.
  • Client Session Timeout bar—Click View to view the current vManage client session timeout setting or Edit to edit the setting.
  • Statistics Configuration bar—Click View to view the current time interval for collecting device statistics or Edit to edit the settings.

g00364.png

Configure Organization Name

Before you can generate a CSR, you must configure the name of your organization. The organization name is included in the CSR.

To configure the organization name:

  1. Click the Edit button to the right of the Organization Name bar.
  2. In the Organization Name field, enter the name of your organization. The organization name must be identical to the name that is configured on the vBond orchestrator.
  3. In the Confirm Organization Name field, re-enter and confirm your organization name.
  4. Click Save.

Note that once the control connections are up and running, the organization name bar is not editable.

Configure vBond DNS Name or IP Address

  1. Click the Edit button to the right of the vBond bar.
  2. In the vBond DNS/IP Address: Port field, enter the DNS name that points to the vBond orchestrator or the IP address of the vBond orchestrator and the port number to use to connect to it.
  3. Click Save.

Configure Certificate Authorization Settings

Signed certificates are used to authenticate devices in the overlay network. Once authenticated, devices can establish secure sessions between each other. It is from the vManage NMS that you generate these certificates and install them on the controller devices—vManage NMSs, vBond orchestrators, and vSmart controllers.

To configure certification authorization settings:

  1. Click the Edit button to the right of the Certificate Authorization bar.
  2. In Certificate Signing by Symantec, select Automated to have the Symantec signing server automatically generate, sign, and install certificates on each controller device. If not, select Manual.
  3. Enter the first and last name of the requestor of the certificate.
  4. Enter the email address of the requestor of the certificate. If you selected Manual in Step 1, the signed certificate and a confirmation email are sent to the requestor via email and are also made available though the customer portal.
  5. Specify the validity period for the certificate.
  6. Click the Edit Challenge Phrase checkbox to enter a challenge phrase. The challenge phrase is your certificate password and is required when you renew or revoke a certificate.
  7. Confirm your challenge phrase.
  8. In the Certificate Retrieve Interval field, specify how often the vManage server checks if the Symantec signing server has sent the certificate.
  9. Click Save.

You need to select the certificate-generation method only once. The method you select is automatically used each time you add a device to the overlay network.

Configure vEdge Cloud Certificate Authorization Settings

Certificates are used to authenticate vEdge Cloud routers in the overlay network. Once authentication is complete, vEdge Cloud routers can establish secure sessions with other devices in the overlay network.

By default, vEdge Cloud certification authorization is automated. This is the recommended setting.

If you use third-party certificate authorization, configure certificate authorization to be manual:

  1. Click the Edit button to the right of the vEdge Cloud Certificate Authorization bar.
  2. In the vEdge Cloud field, click Manual (Enterprise CA).
  3. Click Save.

Generate Web Server Certificate

To establish a secure connection between your web browser and the vManage server using authentic certificates, generate a CSR to create a certificate, have it signed by a root CA, and then install it. To do so:

  1. Click the CSR button to the right of the Web Server Certificate bar.
  2. In the Common Name field, enter the domain name or IP address of the vManage server. For example, the fully-qualified domain name of vManage could be vmanage.org.local.
  3. In the Organizational Unit field, enter the unit name within your organization, for example, Network Engineering.
  4. In the Organization field, enter the exact name of your organization as specified by your root CA, for example, Viptela Inc.
  5. In the City field, enter the name of the city where your organization is located, for example, San Jose.
  6. In the State field, enter the state in which your city is located, for example, California.
  7. In the 2-Letter Country Code field, enter the two-letter code for the country in which your state is located. For example, the two-letter country code for the United States of America is US.
  8. From the Validity drop-down, select the validity period for the certificate.
  9. Click Generate to generate the CSR.
  10. Send the CSR to Symantec or a root CA ;for signing.
  11. When you receive the signed certificate, click the Certificate button to the right of the Web Server Certificate bar to install the new certificate. The View box displays the current certificate on the vManage server.
  12. Copy and paste the new certificate in the box. Or click the Import button, click Select a File to download the new certificate file, and click Import.
  13. Once the certificate is installed, reboot the vManage server.

Below is an example of a certificate generated with the above configuration. Note that the certificate is truncated in this example.

Enforce Software Version on vEdge Routers

If you are using the Viptela ZTP hosted service, you can enforce a version of the Viptela software to run on a vEdge router when it first joins the overlay network. To do so:

  1. Click the Edit button to the right of the Enforce Software Version (ZTP) bar.
  2. In the Enforce Software Version field, click Enabled.
  3. From the Software Version drop-down, select the version of the software to enforce on vEdge routers when they join the network.
  4. Click Save.

If you enabled this feature on the vManage NMS, any vEdge router joining the network is configured with the version of the software specified in the Enforce Software Version field regardless of whether the router was running a higher or lower version of Viptela software.

Create a Custom Banner

To create a custom banner that is displayed after you log in to the vManage NMS:

  1. Click the Edit button to the right of the Banner bar.
  2. In the Enable Banner field, click Enabled.
  3. In the Banner Info text box, enter the text string for the login banner or click Select a File to download a file that contains the text string.
  4. Click Save.

Collect Device Statistics

To enable or disable the collection of statistics for devices in the overlay network:

  1. Click the Edit button to the right of the Statistics Settings bar. By default, all statistics collection settings are enabled for all Viptela devices.
  2. To set statistics collection parameters for all devices in the network, click Disable All for the parameter you wish to disable statistics collection for.
    To return to the saved settings during an edit operation, click Reset.
    To return the saved settings to the factory-default settings, click Restore Factory Default
  3. To set statistics collection parameters for individual devices in the network, click Custom to select devices on which to enable or disable statistics collection. The Select Devices popup screen opens listing the hostname and device IP of all devices in the network. Select one or more devices from the Enabled Devices column on the left and click the arrow pointing right to move the device to the Disabled Devices column on the right. To move devices from the Disabled Devices to the Enabled Devices column, select one or more devices and click the arrow pointing left. To select all devices in the Select Devices popup screen, click the Select All checkbox in either window. Click Done when all selections are made.
  4. Click Save.

Enable CloudExpress Service

  1. Click the Edit button to the right of the CloudExpress bar.
  2. In the Enable CloudExpress field, click Enabled.
  3. Click Save.

Enable vAnalytics Platform

  1. Click the Edit button to the right of the vAnalytics bar.
  2. In the Enable vAnalytics field, click Enabled.
  3. Click Save.

Enable vManage Client Session Timeout

By default, a user's session to a vManage client remains established indefinitely and never times out. To set how long a vManage client session is inactive before a user is logged out:

  1. Click the Edit button to the right of the Client Session Timeout bar.
  2. In the Session Timeout field, click Enabled.
  3. In the Timeout field, enter the timeout value, in minutes. This value can be from 10 to 180 minutes.
  4. Click Save.

The client session timeout value applies to all vManage servers in a vManage cluster.

Set Interval to Collect Device Statistics

To set the time interval at which vManage NMS should collect statistics for devices in the overlay network:

  1. Click the Edit button to the right of the Statistics Configuration bar. By default, statistics is collected for all Viptela devices every 30 minutes.
  2. Click the up or down arrow in the Collection Interval drop-down to change the frequency at which to collect device statistics. The minimum time you can specify is 5 minutes and the maximum is 180 minutes.
  3. Click Save.
  • Was this article helpful?