vEdge4# sh run system host-name vEdge4 system-ip 118.1.5.25 site-id 4 admin-tech-on-failure no route-consistency-check organization-name "viptela sdwan" clock timezone America/Antigua vbond 100.1.1.4 aaa auth-order local radius tacacs usergroup basic task system read write task interface read write ! usergroup netadmin ! usergroup operator task system read task interface read task policy read task routing read task security read ! usergroup tenantadmin ! user admin password $6$xkde4w6MOpvz7.KD$chFVGTTYu2GTEiVccJpSxu4VkII4RNW.VrwOPu5e0doDj4/n0INtGTedH1YtBoteQWBy5wul2Hp/WEvrUcIgG/ ! ! logging disk enable ! ! no cft-enable no cft-cache-enable no anchor-wan-tunnel-pkts ! omp no shutdown graceful-restart advertise connected advertise static ! security ipsec authentication-type ah-sha1-hmac sha1-hmac ! ! vpn 0 interface ge0/1 ip address 118.1.4.1/24 tunnel-interface encapsulation ipsec allow-service all no allow-service bgp allow-service dhcp allow-service dns allow-service icmp allow-service sshd allow-service netconf no allow-service ntp no allow-service ospf no allow-service stun allow-service https ! no shutdown ! ip route 0.0.0.0/0 118.1.4.2 ! vpn 512 interface eth0 ip dhcp-client no shutdown ! ! vEdge4# sh con Possible completions: configuration Display configuration history control Display control information vEdge4# show control connections PEER PEER CONTROLLER PEER PEER PEER SITE DOMAIN PEER PRIV PEER PUB GROUP TYPE PROT SYSTEM IP ID ID PRIVATE IP PORT PUBLIC IP PORT LOCAL COLOR PROXY STATE UPTIME ID ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- vsmart dtls 100.1.1.13 1 1 100.1.1.3 12446 100.1.1.3 12446 default No up 0:00:00:11 0 vbond dtls 0.0.0.0 0 0 100.1.1.4 12346 100.1.1.4 12346 default - up 0:00:00:12 0 vmanage dtls 100.1.1.12 1 0 100.1.1.2 12446 100.1.1.2 12446 default No up 0:01:03:11 0 vEdge4# sh con Possible completions: configuration Display configuration history control Display control information vEdge4# show control local-properties personality vedge sp-organization-name viptela sdwan organization-name viptela sdwan root-ca-chain-status Installed certificate-status Installed certificate-validity Valid certificate-not-valid-before Mar 17 16:38:05 2022 GMT certificate-not-valid-after Mar 14 16:38:05 2032 GMT dns-name 100.1.1.4 site-id 4 domain-id 1 protocol dtls tls-port 0 system-ip 118.1.5.25 chassis-num/unique-id 232a7720-1ff4-fa03-95de-377ddfd9da3f serial-num FC93C741 token Invalid keygen-interval 1:00:00:00 retry-interval 0:00:00:15 no-activity-exp-interval 0:00:00:20 dns-cache-ttl 0:00:02:00 port-hopped TRUE time-since-last-port-hop 0:01:06:09 pairwise-keying Disabled embargo-check success number-vbond-peers 1 INDEX IP PORT ----------------------------------------------------- 0 100.1.1.4 12346 number-active-wan-interfaces 1 NAT TYPE: E -- indicates End-point independent mapping A -- indicates Address-port dependent mapping N -- indicates Not learned Note: Requires minimum two vbonds to learn the NAT type RESTRICT/ LAST VM PUBLIC PUBLIC PRIVATE PRIVATE PRIVATE MAX CONTROL/ LAST SPI TIME NAT CON INTERFACE IPv4 PORT IPv4 IPv6 PORT VS/VM COLOR STATE CNTRL STUN LR/LB CONNECTION REMAINING TYPE PRF ----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ge0/1 118.1.4.1 12406 118.1.4.1 :: 12406 0/1 default up 2 no/yes/no No/No 0:00:00:29 0:11:59:15 N 5 vEdge4# show omp ? Description: OMP information Possible completions: cloudexpress Display cloudexpress gateway application routes multicast-auto-discover Display autodiscovered multicast routes multicast-routes Display multicast Joins peers OMP peers routes IPv4 router link states services Display services summary Display OMP summary tloc-paths Display TLOC paths tlocs Display TLOCs vEdge4# show omp tlocs ? Possible completions: advertised Advertised OMP TLOCs color TLOC color detail Detailed information encap TLOC encapsulation/protocol family Address family ip TLOC IP received Received OMP TLOCs | Output modifiers vEdge4# show omp tlocs --------------------------------------------------- tloc entries for 118.1.2.22 biz-internet ipsec --------------------------------------------------- RECEIVED FROM: peer 100.1.1.13 status C,I,R loss-reason not set lost-to-peer not set lost-to-path-id not set Attributes: attribute-type installed encap-key not set encap-proto 0 encap-spi 256 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 118.1.2.1 public-port 12406 private-ip 118.1.2.1 private-port 12406 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status up domain-id not set site-id 2 overlay-id not set preference 0 tag not set stale not set weight 1 version 3 gen-id 0x80000001 carrier default restrict 0 groups [ 0 ] border not set unknown-attr-len not set --------------------------------------------------- tloc entries for 118.1.3.23 default ipsec --------------------------------------------------- RECEIVED FROM: peer 100.1.1.13 status C,I,R loss-reason not set lost-to-peer not set lost-to-path-id not set Attributes: attribute-type installed encap-key not set encap-proto 0 encap-spi 256 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 118.1.3.1 public-port 12386 private-ip 118.1.3.1 private-port 12386 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status up domain-id not set site-id 3 overlay-id not set preference 0 tag not set stale not set weight 1 version 3 gen-id 0x80000001 carrier default restrict 0 groups [ 0 ] border not set unknown-attr-len not set --------------------------------------------------- tloc entries for 118.1.5.25 default ipsec --------------------------------------------------- RECEIVED FROM: peer 0.0.0.0 status C,Red,R loss-reason not set lost-to-peer not set lost-to-path-id not set Attributes: attribute-type installed encap-key not set encap-proto 0 encap-spi 321 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 118.1.4.1 public-port 12406 private-ip 118.1.4.1 private-port 12406 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status up domain-id not set site-id 4 overlay-id not set preference 0 tag not set stale not set weight 1 version 3 gen-id 0x80000001 carrier default restrict 0 groups [ 0 ] border not set unknown-attr-len not set --------------------------------------------------- tloc entries for 119.1.1.21 default ipsec --------------------------------------------------- RECEIVED FROM: peer 100.1.1.13 status C,I,R loss-reason not set lost-to-peer not set lost-to-path-id not set Attributes: attribute-type installed encap-key not set encap-proto 0 encap-spi 257 encap-auth sha1-hmac,ah-sha1-hmac encap-encrypt aes256 public-ip 119.1.1.1 public-port 12366 private-ip 119.1.1.1 private-port 12366 public-ip :: public-port 0 private-ip :: private-port 0 bfd-status down domain-id not set site-id 1 overlay-id not set preference 0 tag not set stale not set weight 1 version 3 gen-id 0x80000001 carrier default restrict 0 groups [ 0 ] border not set unknown-attr-len not set vEdge4#