01-11-2019 12:08 PM - edited 03-08-2019 05:33 PM
Got a two part question today...
1. I have seen lots of mention of VPN512 (management VPN) in documentation and presentations, but I have yet to see a practical use demonstrated. Does anyone have thoughts on best practice to use this / are people actually using it?
*I have take notice that the vManage and vSmart controllers have the ability to have an interface configured for this VPN, is this the only way to get direct management access to them via overlay network? (I'm using the hosted solution, so I'm currently only able to get them through the vManage SSH console right now).
2. Is anyone doing configuration backups? I am used to using something like Kiwi Cat Tools to SSH to devices and grab "show run", back that up and let me know about changes in the environment on a regular schedule (more people than just my self making changes on my team). I am using the hosted solution, so I am trusting that Cisco is covering the smoking hole scenario for the controllers, and the edge configurations live there in the templates.... I'm more worried about human error scenarios where I accidentally delete a policy and don't remember what was in it to recreate it, or the ability to look back at how something was configured when we knew it was in a working state and now its not (perhaps after an upgrade). Also just to be aware of what changes are happening, and yes I am aware of the audit log, but that's just telling me a change happened to some parent object, but not the details of what the actual changes were.
01-11-2019 02:12 PM
02-07-2019 01:41 PM
Regarding VPN 512, it only has meaning if the devices are on-prem and can be connected (via their VPN 512 interface) to some out-of-band management network.
For remote (remote from your management infrastructure) devices VPN 512 is a bit useless and you have to use a management loopback or some such in a service VPN. Or you don't use that and your only option is to connect via the system IP from vmanage.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide