Re: Cloud onRamp for Multicloud Azure integration

TomasGahura2939 · ‎02-07-2022

Dear all,

we have Cisco Cloud hosted controllers with vManage running 20.6.1.

We tried this deployment many times in our testing tenant with success but for some reason we cannot make it work in Production tenant.

I am trying to to create Cloud Gateway using vManage workflow.

I tried -

use the whole workflow from vManage
create NVA in Azure Marketplace and let vManage discover it

In both case, vWan and vHub are pre-created in Azure environment.

This guide served as the basis.

https://www.cisco.com/c/en/us/td/docs/routers/sdwan/configuration/cloudonramp/ios-xe-17/cloud-onramp-book-xe.pdf

The issue

After successfully creating Cloud Gateway to Azure, both NVA (C8000v) appears unreachable in vManage and we cannot reach public or private addresses. Provisioning finishes with "success" however both NVA are unreachable. We tested it even with permit any any configuration on both internal and external firewall in Azure.

As I said, this is working for us in test environment, but for some reason not in production. Only difference is testing have 20.5.1, production has 20.6.1 and we have testing controllers in our public cloud, while production is hosted in Cisco cloud. Any ideas?

Thank you for any output.

Lei Tian · ‎02-07-2022

Hello,

Does the vHub use ER or internet? If it is ER, make sure it has reachability to controllers. Are you using custom template or default Azure CoR vWan template? If you use custom template, make sure the interface is correct, I think it’s gig0 for transport.

HTH,
Lei Tian

TomasGahura2939 · ‎02-07-2022

Hello,

its Gig1 and we are using internet through vNET with Azure Firewall. Template is slightly modified default (AAA, NTP etc). I suspect a routing issue in Azure and NVA cannot reach Cisco cloud. Need to troubleshoot it a bit more.