
Demonstrate On prem ZTP server

I have to demonstrate an on-prem ZTP server. What are the prerequisites, or how do I configure it? I have followed the link below:

https://sdwan-docs.cisco.com/Product_Documentation/Getting_Started/Viptela_Overlay_Network_Bringup/04Deploy_the_vBond_Orchestrator/05Start_the_Enterprise_ZTP_Server

But whenever I add the ZTP server to vManage, it is added, but control connections are not showing under show orchestrator connections.

Can anyone type out the steps for deploying an on-prem ZTP server?

Regards,
Rohit Raj


What have you done so far? Are you using enterprise CA? Do you have a valid cert installed?

Daniel Dib
CCIE #37149
CCDE #20160011

Please rate helpful posts.

Yeah, I am using enterprise CA and have installed the CA on the ZTP server.

I have completed the base configuration,

like hostname, system-ip, vBond IP, VPN 0 (interface IP address) and default route so that the ZTP server can reach vManage or the controllers. I have installed the CA on the ZTP server; it is showing the vBond details on vManage but working.

Regards,
Rohit Raj

Did you add ZTP entries?

Can you share the below?

show run system

show ztp entries

Thanks,

Srikanth


Hi,

Thanks for the reply.

I have added the ZTP entries.

Below is the output you asked for:

ZTP# show running-config system
system
 host-name ZTP
 system-ip 22.22.22.22
 site-id 100
 admin-tech-on-failure
 no route-consistency-check
 organization-name CC
 vbond 10.10.100.102 local ztp-server
 aaa
  auth-order local radius tacacs
  usergroup basic
   task system read write
   task interface read write
  !
  usergroup netadmin
  !
  usergroup operator
   task system read
   task interface read
   task policy read
   task routing read
   task security read
  !
  usergroup tenantadmin
  !
  user admin
   password $6$6U99zgTmVDoxbFUH$RY4gcymMGJ.vsZo5NvjEHkmUJWdlT0TONhQz7n7YfveaZpe73FtnJtQcFEUAaiDg.zKt6RKhd4dT/ulVeGKI60
  !
 !
 logging
  disk
   enable
  !
 !
!
ZTP#

------------------------------------------------------------------------------------

!
ZTP# show ztp entries
% No entries found.
ZTP#

I have added the entries; however, it says that no entries are found.

Below are the entries that I have added:

I have added two entries only, for testing:

ZTP:~$ cat vedge_router_list
755518ef-f751-eddb-cb6b-760eed6c6b2e,44f71dd138771f11c828d1c27e7facb7,invalid,CC
CSR-3F6064D2-B421-DD89-5495-300AF6FA988B,d664fb7d1c7583993c020004f68b1e25,invalid,CC

ZTP:~$

Still it's not working.

Kindly help ASAP.

Regards,
Rohit Raj

Is this 10.10.100.102 configured on the same device? What I know is, your vBond running as ZTP server is a completely separate device and there is no need to add that in vManage.
Try to add a single device to ZTP and test once. Refer to the command below.

request device add chassis-number 12345 serial-number 6789 validity valid vbond 10.1.14.1 org-name viptela

Thanks,
Srikanth
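
An added example, not part of the thread and not Cisco tooling: a pre-check for a device list in the four-field layout posted above (chassis, serial, validity, organization) that flags entries not marked valid or whose organization differs from the ZTP server's organization-name, and renders the remaining entries in the request device add form quoted in the reply. The function name, the sample entries and the vBond address are constructed for illustration.

```python
import csv
import io

# Constructed sample in the four-field layout posted in the thread:
# chassis-number,serial-number,validity,organization-name
SAMPLE_LIST = """\
EXAMPLE-CHASSIS-0001,00000000000000000000000000000001,invalid,CC
CSR-EXAMPLE-CHASSIS-0002,00000000000000000000000000000002,valid,CC
CSR-EXAMPLE-CHASSIS-0003,00000000000000000000000000000003,valid,cc

short,line
"""


def check_entries(text, expected_org, vbond_ip):
    """Return (commands, problems) for a device list.

    commands: 'request device add' lines for entries that pass every check.
    problems: (line_number, reason) tuples for entries that need fixing.
    """
    commands, problems = [], []
    for lineno, row in enumerate(csv.reader(io.StringIO(text)), start=1):
        fields = [f.strip() for f in row]
        if not any(fields):
            continue  # blank line
        if len(fields) != 4 or not all(fields):
            problems.append((lineno, "expected 4 non-empty fields"))
            continue
        chassis, serial, validity, org = fields
        if validity != "valid":
            problems.append((lineno, f"validity is '{validity}', not 'valid'"))
            continue
        if org != expected_org:  # exact, case-sensitive comparison
            problems.append((lineno, f"org '{org}' != '{expected_org}'"))
            continue
        commands.append(
            f"request device add chassis-number {chassis} "
            f"serial-number {serial} validity {validity} "
            f"vbond {vbond_ip} org-name {org}"
        )
    return commands, problems


if __name__ == "__main__":
    # 192.0.2.10 is a documentation address standing in for the vBond IP.
    cmds, probs = check_entries(SAMPLE_LIST, "CC", "192.0.2.10")
    print("\n".join(cmds))
    for lineno, reason in probs:
        print(f"line {lineno}: {reason}")
```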

Hi Srikanth Reddy Navuluri,

Thanks for the reply. I have resolved the issue. Now I am able to provision vEdge routers using on-prem ZTP, but when I try to provision a cEdge router through on-prem ZTP, it does not let me. The cEdge routers are able to get the DHCP IP address and all, but they are not connecting to or querying the ZTP vBond. I have followed the SD-WAN documents, which say that cEdge routers query for devicehelper.cisco.com. I have also resolved this DNS name, but the cEdge routers are still not connecting to the on-prem ZTP.

Kindly suggest and help me if I am missing anything.

Regards,
Rohit Raj

What was your issue with the on-prem ZTP? Would be of great help if someone finds this thread if you provide that information.

 

As far as I'm aware, cEdge does not support on-prem ZTP. Like you said, they query for devicehelper.cisco.com and not ztp.viptela.com. To get cEdge to work with on-prem ZTP, they would need to add the functionality of what PNP (devicehelper.cisco.com) does. This seems to be different compared to the ZTP vBond that is provided at ztp.viptela.com.

Daniel Dib
CCIE #37149
CCDE #20160011


Hi Daniel Dib,
Greetings of the day!

Thanks for the quick reply. If cEdge does not support on-prem ZTP, then what would be the best practice to deploy the remote-side cEdge routers? What are your suggestions? Will pushing a day-0 template to cEdge routers using a USB flash drive (.cfg file) work?

Can you help me understand the prerequisites for deployment of remote-side cEdge routers?
Kindly help me.
ASAP.
Thanks.
Regards,
Rohit Raj

You generate a bootstrap configuration from vManage and put it on USB or on flash of the device. It contains enough information like the IP address of the transport interface, the hostname of the vBond, organization name and so on. Once the device is reachable, you can attach it to a template.

 

If the device is not already running SD-WAN code, you need to first upload an image and go through the process of moving from standard IOS-XE to SD-WAN code.

 

https://sdwan-docs.cisco.com/Product_Documentation/Getting_Started/Hardware_and_Software_Installation/On-Site_Bootstrap_Process_for_SD-WAN_Devices

Daniel Dib
CCIE #37149
CCDE #20160011
