08-17-2022 02:00 AM - edited 08-17-2022 02:01 AM
We are doing a large SD-WAN deployment and we have created a device access policy only allowing SSH access from certain devices to the vty lines for all SD-WAN routers, all good.
The question is how this can be achieved on vmanage/smart/bond. There looks to be no facility to add a device template for ACLs or policy to these devices.
All v* servers are on-prem.
Any help appreciated etc,
09-27-2022 11:30 AM
tjames2,
I recently ran into this with our implementation of SDWAN. Our setup is a little different in that our controllers are cloud-based. That being said, we have an SD-WAN Self-Service portal. The portal has our sdwan organization name and associated controllers. Within this we can create inbound rules which determine the IP addresses or prefixes we allow inbound to the controllers for the overlay. I'm guessing there is something similar for on-prem controllers. Hopefully that gives you something to look into anyway.
09-28-2022 02:54 AM
Hello,
Usually for on-prem deployments, the required access between controllers, and between controllers and cEdge/vEdge, is controlled by a firewall.
As you mention, there is no way to create a Device Access List and Local Policy for the controllers.
Best Regards
Anestis