Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
669
Views
0
Helpful
1
Replies

sd-wan control plane issue

TerryZhou6760
Level 1
Level 1

‎03-02-2020 10:17 PM

Looking for advice why the control plane is not up on vmanage and vbond

 

vmanage# show control local-properties
personality vmanage
sp-organization-name "XXXXX"
organization-name "XXXXX"
certificate-status Installed
root-ca-chain-status Installed

certificate-validity Valid
certificate-not-valid-before Feb 25 00:55:35 2020 GMT
certificate-not-valid-after Feb 07 00:55:35 2031 GMT

dns-name
site-id 101
domain-id 0
protocol dtls
tls-port 23456
system-ip 10.200.197.180
chassis-num/unique-id ee7b8cc2-6b71-4688-8645-14f84c9306e4
serial-num EE1BE812D942E842
cloud-hosted no
token -NA-
retry-interval 0:00:00:17
no-activity-exp-interval 0:00:00:20
dns-cache-ttl 0:00:02:00
port-hopped FALSE
time-since-last-port-hop 0:00:00:00
number-vbond-peers 0
number-active-wan-interfaces 2

PUBLIC PUBLIC PRIVATE PRIVATE PRIVATE LAST
INSTANCE INTERFACE IPv4 PORT IPv4 IPv6 PORT VS/VM COLOR STATE CONNECTION
---------------------------------------------------------------------------------------------------------------------------------------------------------------
0 eth0 10.200.30.77 12346 10.200.30.77 :: 12346 0/0 default down 4:04:48:39
1 eth0 10.200.30.77 12346 10.200.30.77 :: 12346 0/0 default down 4:04:48:39

 

 

 

vbond# show control local-properties
personality vedge
sp-organization-name "XXXXX"
organization-name "XXXXX"
certificate-status Installed
root-ca-chain-status Installed

certificate-validity Valid
certificate-not-valid-before Mar 03 05:20:39 2020 GMT
certificate-not-valid-after Feb 14 05:20:39 2031 GMT

dns-name 203.215.147.93
site-id 101
domain-id 101
protocol dtls
tls-port 0
system-ip 10.200.197.181
chassis-num/unique-id e6be3ae6-e77c-4e8f-9688-eddf9e5a7dbd
serial-num EE1BE812D942E84C
token Invalid
keygen-interval 1:00:00:00
retry-interval 0:00:00:18
no-activity-exp-interval 0:00:00:20
dns-cache-ttl 0:00:02:00
port-hopped TRUE
time-since-last-port-hop 0:00:55:54
embargo-check success
number-vbond-peers 0
number-active-wan-interfaces 1


NAT TYPE: E -- indicates End-point independent mapping
A -- indicates Address-port dependent mapping
N -- indicates Not learned
Note: Requires minimum two vbonds to learn the NAT type

PUBLIC PUBLIC PRIVATE PRIVATE PRIVATE MAX RESTRICT/ LAST SPI TIME NAT VM
INTERFACE IPv4 PORT IPv4 IPv6 PORT VS/VM COLOR STATE CNTRL CONTROL/ LR/LB CONNECTION REMAINING TYPE CON
STUN PRF
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
ge0/0 10.200.93.2 12346 10.200.93.2 :: 12346 0/0 default down 2 no/yes/no No/No 0:05:22:22 0:06:37:37 N 5

 

The clock is syned on all vmanage,vbond,vsmart. 

 

Packet capture on vbond doesn't show there is firewall issue.

0 Helpful
1 Reply 1

Kapish2007
Level 1
Level 1

‎03-03-2020 12:00 AM

Check your domain-id configuration


0 Helpful
Customers Also Viewed These Support Documents