SDWAN to umbrella registration issue

nareh84 · ‎09-24-2024

hi

i have configured Umbrella Secret and key for Umbrella dns integration. DIA is configured for this VPN. i am not able to see SDWAN router on umbrella portal.

on c-edge (router 8200 v17.09.03a)

sh sdwan umbrella device-registration
DEVICE

NAME STATUS TAG ID DESCRIPTION
---------------------------------------------------------------------------
2 403 FORBID vpn2 403 Forbidden response received, retrying

on ZBFW, i allowed communication (https) from c-edge(self) to internet

----api.opendns.com

----management.api.umbrella.com

----s3-us-west-1.amazonaws.com

on ZBFW, i allowed dns communication from c-edge(self) to internet

208.67.222.222

208.67.220.220

Thx

Nareh

ekhabaro · ‎09-30-2024

Hello, check this: https://www.cisco.com/c/en/us/support/docs/field-notices/741/fn74176.html

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwi43360

If you're running 17.9.3a, you should upgrade to 17.9.6 which is published recently.

nareh84 · ‎10-17-2024

Actually, key and secret were wrong. after correct key and secret, i faced umbrella dns certificate expiry issue, which was resolved by following link.

https://www.cisco.com/c/en/us/support/docs/field-notices/741/fn74166.html

this time when i do show sdwan umbrella device-registration. i can see following

#show sdwan umbrella device-registration
NAME STATUS TAG DEVICE ID DESCRIPTION
----------------------------------------------------------------------------
2 201 CREATED vpn2 bxxxxxxx Device Id received successfully

but on umbrella dashboard, it showing status of offline, its been now 12 hours that cisco sdwan router received device id from umbrella but still on umbrella dashboard, it shows as offline.

currently, no pc is connected to this vpn,