06-13-2022 07:20 AM
Hi guys,
I hope you're well.
Hoping someone can help me or at least point me in the right direction to some useful articles that I can read to understand. Doing some studying on Cisco SD-WAN ZTP and from my understanding once the router is networked and powered-up it will connect to a ZTP Public Cloud Server whereby it will respond back with the vBond address allowing it to connect to our vBond and then our vSmart and vManage and obtain it's configuration via our configured templates.
However, say for example this device will be internet facing and will directly terminate to a fibre ONT that requires PPP authentication is this ZTP concept still valid or would I be required to configure the device with the necessary details first in order for it to authenticate and obtain internet access for it to then go through this ZTP process and obtain it's configuration?
Thanks in advance,
Dan.
06-13-2022 07:38 AM
Looking at the doc
Process 1: Prerequisites for WAN Edge Onboarding
The below checklist showcases the prerequisites that are needed before proceeding with the WAN Edge onboarding process.
Procedure 1: Prerequisites for all Onboarding Options
Verify and validate the onboarding prerequisites that apply to all onboarding options.
• Make sure the WAN Edge device has reachability to the vBond orchestrator, vManage and vSmart controllers.
Then, as you can see, the doc does not focus on how are you going to provide this connectivity. So, my undestanding is that, the device will perform the ZTP process if and when, it has connectivity to the controllers, not necessary to the internet as many companies use on premise.
But, of course, if your controllers can be reacheable through the internet, then, the PPP process must come first the ZTP.
Just to add something more, I worked recently in a project for SDWAN and we used to configured the vBond as a host on the cEdge, instead wait for DNS. As the vBond is the first call, we have found interesting resolve it on the router directly.
06-13-2022 07:50 AM
Hi Flavio.
Thanks for that info!
Understood, so prior to the ZTP process I would need to have my device setup for PPPoE so that when the device is connect to the ISP circuit it is authenticated and handed an IP address whereby the device will then talk out to the ZTP server and go through the ZTP process.
Thanks,
Dan.
06-13-2022 07:47 AM
06-13-2022 07:56 AM
Understood, I can understand from the perspective that the device we're installing is not an edge device and is connecting to another device that is terminating out ISP circuit. In this case, our device would receive a DHCP addresses and there would be no configuration required but if this device is to terminate our ISP circuit we would need to have the PPP configuration applied prior in order for the ZTP process to initiate?
06-13-2022 08:10 AM
06-13-2022 08:16 AM
Hi Svemulap,
Would I not need to configure PPP first in order for the ZTP process to begin, as if this is an edge device this would be required in order to authenticate with the ISP, obtain an public IP addresses and provide internet access which would be required to connect to the ZTP public server and begin the ZTP?
Regards,
Dan.
06-13-2022 09:02 AM
06-14-2022 03:29 AM
Hi Svemulap,
Say for example I'm in a scenario whereby I am sending a router to a remote location but do not want an onsite engineer to conduct any configuration on the device, essentially it won't be true "zero-touch" as at some point I will need to configure PPP in order authenticate to the ISP circuit.
So I either pre-configure the device and ship this out pre-configured or if I wanted to use the "zero-touch" procedure I would still require someone onsite in order to configure the PPP once the ZTP process has intiated?
Regards,
Dan.
06-14-2022 08:49 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide