Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
982
Views
3
Helpful
9
Replies

viptela Cisco SDWAN Lab Controllers

Go to solution
hamdialhola94
Level 1
Level 1

‎03-13-2024 12:46 PM

I have SDWAN lab (Vmanage, vsmart, vbond) after the initial configuration I installed certificates on all controllers, but I have a problem, when do  show control connections , nothing was shown. nd when do show orchestrator connections on Vbond nothing shown, don't have an idea about this issue, indeed to help to set up the lab.

Can you see the pictures below>Capture.PNGCapture2.PNG

Screenshot 2024-03-13 213857.png

Thanks.

Labels:
0 Helpful
4 Accepted Solutions

Accepted Solutions

Go to solution
Torbjørn
Spotlight
Spotlight

‎03-13-2024 01:54 PM - edited ‎03-13-2024 01:54 PM

I suspect that you might be missing tunnel-interface configuration. Can you post the configurations of the controllers?

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

View solution in original post

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-13-2024 04:35 PM - edited ‎03-13-2024 04:35 PM

As you mentioned the Lab is this virtual Lab ?

try reload all the device in order and check ?  turn off all, start vmanage, vbond, vsmart

have similar lab works as expected, i had faced same issue reboot the device has fixed the issue : (if the configuration correct)

https://www.balajibandi.com/?p=2028

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

View solution in original post

Go to solution
Kanan Huseynli
VIP
VIP

‎03-15-2024 03:09 PM

Hi,

share show control local-properties from vmanage/vsmart and show orchestrator local-properties from vbond.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

View solution in original post

Go to solution
hamdialhola94
Level 1
Level 1
In response to balaji.bandi

‎03-19-2024 03:01 PM

Hi, im reconfiguring the controllers , now only on bond is empty shown

just vbond , and others (manage and smart are ok)
can you see:

vBond# show control connections

vBond#

View solution in original post

0 Helpful
9 Replies 9

Go to solution
Torbjørn
Spotlight
Spotlight

‎03-13-2024 01:54 PM - edited ‎03-13-2024 01:54 PM

I suspect that you might be missing tunnel-interface configuration. Can you post the configurations of the controllers?

Happy to help! Please mark as helpful/solution if applicable.
Get in touch: https://torbjorn.dev

Go to solution
hamdialhola94
Level 1
Level 1
In response to Torbjørn

‎03-21-2024 12:53 PM

vManage1# show running-config
system
host-name vManage1
system-ip 1.1.255.1
site-id 255
admin-tech-on-failure
sp-organization-name hamdibcd
organization-name hamdibcd
clock timezone Africa/Tripoli
vbond 10.46.46.102
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
usergroup tenantadmin
!
user admin
password
$6$bYvLnnnqp9iaGrb6$wO2y0Aezmq2ZFPVY3qsi09FLzSsER7SKizh3OsT03dSYt2YQRZEMq/UYSqr53lwWG9YnaZm84VPpNUT6JgTLT/
!
user ciscotacro
description CiscoTACReadOnly
group operator
status enabled
!
user ciscotacrw
description CiscoTACReadWrite
group netadmin
status enabled
!
!
logging
disk
enable
!
!
ntp
server 10.46.46.111
version 4
prefer
exit
!
!
vpn 0
interface eth1
ip address 10.46.46.101/24
tunnel-interface
allow-service all
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
allow-service ntp
no allow-service stun
allow-service https
!
no shutdown
!
ip route 0.0.0.0/0 10.46.46.111
!
vpn 512
interface eth0
ip address 10.46.46.201/24
no shutdown
!
!


vSmart# show running-config
system
host-name vSmart
system-ip 1.1.255.3
site-id 255
admin-tech-on-failure
organization-name hamdibcd
clock timezone Africa/Tripoli
vbond 10.46.46.102
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
usergroup tenantadmin
!
user admin
password
$6$BGJOalKeyVXf7vDc$bfbpp25WsTtUFKsRh6r3fafu85ZEs28iOqoLIvvyGyXzi7cHnWMOfp/n.5ckbBjgOHPTQzzTIr9WhhGemWFXd/
!
user ciscotacro
description CiscoTACReadOnly
group operator
status enabled
!
user ciscotacrw
description CiscoTACReadWrite
group netadmin
status enabled
!
!
logging
disk
enable
!
!
ntp
server 10.46.46.111
version 4
prefer
exit
!
!
omp
no shutdown
graceful-restart
!
vpn 0
interface eth1
ip address 10.46.46.103/24
tunnel-interface
allow-service all
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
allow-service ntp
allow-service stun
!
no shutdown
!
ip route 0.0.0.0/0 10.46.46.111
!
vpn 512
interface eth0
ip address 10.46.46.203/24
no shutdown
!
!


vbond# show running-config
system
host-name vbond
system-ip 1.1.255.2
site-id 255
admin-tech-on-failure
no route-consistency-check
organization-name hamdibcd
clock timezone Africa/Tripoli
vbond 10.46.46.102 local
aaa
auth-order local radius tacacs
usergroup basic
task system read write
task interface read write
!
usergroup netadmin
!
usergroup operator
task system read
task interface read
task policy read
task routing read
task security read
!
usergroup tenantadmin
!
user admin
password
$6$HYGq1VGWzvQkyH1I$jY1rUg/tvWQQgF4zNoDs9nNqlFsFgS8WxVXUBIFRCH6CJE0H.pnNDheOVwD/WIilAYVrBIbrLtyN0TbnhiA730
!
user ciscotacro
description CiscoTACReadOnly
group operator
status enabled
!
user ciscotacrw
description CiscoTACReadWrite
group netadmin
status enabled
!
!
logging
disk
enable
!
!
ntp
server 10.46.46.111
version 4
prefer
exit
!
!
omp
no shutdown
graceful-restart
advertise connected
advertise static
!
security
ipsec
authentication-type ah-sha1-hmac sha1-hmac
!
!
vpn 0
interface ge0/0
ip address 10.46.46.102/24
ipv6 dhcp-client
tunnel-interface
encapsulation ipsec
allow-service all
no allow-service bgp
allow-service dhcp
allow-service dns
allow-service icmp
allow-service sshd
allow-service netconf
allow-service ntp
no allow-service ospf
no allow-service stun
allow-service https
!
no shutdown
!
ip route 0.0.0.0/0 10.46.46.111
!
vpn 512
interface eth0
ip address 10.46.46.202/24
ipv6 dhcp-client
no shutdown
!
!


Note: I reconfigure the controllers but when I do (Show Control
Connections) shown vbond as: vbond dtls 0.0.0.0

What is wrong?
0 Helpful

Go to solution
hamdialhola94
Level 1
Level 1
In response to Torbjørn

‎03-22-2024 06:33 PM

Please give me what I must configure the tunnel interface on all controllers,.

Thanks

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame
In response to hamdialhola94

‎03-23-2024 03:22 AM

i may have lost this thread - what is the issue ? you not able to see vbond show connections ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎03-13-2024 04:35 PM - edited ‎03-13-2024 04:35 PM

As you mentioned the Lab is this virtual Lab ?

try reload all the device in order and check ?  turn off all, start vmanage, vbond, vsmart

have similar lab works as expected, i had faced same issue reboot the device has fixed the issue : (if the configuration correct)

https://www.balajibandi.com/?p=2028

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Go to solution
hamdialhola94
Level 1
Level 1
In response to balaji.bandi

‎03-19-2024 03:01 PM

Hi, im reconfiguring the controllers , now only on bond is empty shown

just vbond , and others (manage and smart are ok)
can you see:

vBond# show control connections

vBond#
0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP

‎03-15-2024 03:09 PM

Hi,

share show control local-properties from vmanage/vsmart and show orchestrator local-properties from vbond.

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

Go to solution
hamdialhola94
Level 1
Level 1
In response to Kanan Huseynli

‎03-19-2024 03:03 PM

vManage1# show control local-properties
personality vmanage
sp-organization-name hamdibcd
organization-name hamdibcd
root-ca-chain-status Installed

certificate-status Installed
certificate-validity Valid
certificate-not-valid-before Mar 19 20:09:36 2024 GMT
certificate-not-valid-after Sep 09 20:09:36 2029 GMT

dns-name 10.46.46.102
site-id 255
domain-id 0
protocol dtls
tls-port 23456
system-ip 1.1.255.1
chassis-num/unique-id 93f108a8-bd4d-4e19-a291-dd6e105df4ba
serial-num D33A80FE42052F4A
subject-serial-num N/A
cloud-hosted no
token -NA-
retry-interval 0:00:00:16
no-activity-exp-interval 0:00:00:20
dns-cache-ttl 0:00:02:00
port-hopped FALSE
time-since-last-port-hop 0:00:00:00
cdb-locked false
number-vbond-peers 1

INDEX IP PORT
-----------------------------------------------------
0 10.46.46.102 12346

number-active-wan-interfaces 4

PUBLIC PUBLIC PRIVATE
PRIVATE PRIVATE
LAST
INSTANCE INTERFACE IPv4 PORT IPv4 IPv6
PORT VS/VM COLOR STATE
CONNECTION
---------------------------------------------------------------------------------------------------------------------------------------------------------------
0 eth1 10.46.46.101 12346 10.46.46.101 ::
12346 1/0 default up 0:00:00:07
1 eth1 10.46.46.101 12446 10.46.46.101 ::
12446 0/0 default up 0:00:00:08
2 eth1 10.46.46.101 12546 10.46.46.101 ::
12546 0/0 default up 0:00:00:09
3 eth1 10.46.46.101 12646 10.46.46.101 ::
12646 0/0 default up 0:00:00:08




vSmart# show control local-properties
personality vsmart
sp-organization-name hamdibcd
organization-name hamdibcd
root-ca-chain-status Installed

certificate-status Installed
certificate-validity Valid
certificate-not-valid-before Mar 19 20:23:01 2024 GMT
certificate-not-valid-after Sep 09 20:23:01 2029 GMT

dns-name 10.46.46.102
site-id 255
domain-id 1
protocol dtls
tls-port 23456
system-ip 1.1.255.3
chassis-num/unique-id 15cc1f84-2ba7-4a9b-839c-4daf4d96489f
serial-num D33A80FE42052F4C
subject-serial-num N/A
token -NA-
retry-interval 0:00:00:19
no-activity-exp-interval 0:00:00:20
dns-cache-ttl 0:00:02:00
port-hopped FALSE
time-since-last-port-hop 0:00:00:00
cdb-locked false
number-vbond-peers 1

INDEX IP PORT
-----------------------------------------------------
0 10.46.46.102 12346

number-active-wan-interfaces 2

PUBLIC PUBLIC PRIVATE
PRIVATE PRIVATE
LAST
INSTANCE INTERFACE IPv4 PORT IPv4 IPv6
PORT VS/VM COLOR STATE
CONNECTION
---------------------------------------------------------------------------------------------------------------------------------------------------------------
0 eth1 10.46.46.103 12346 10.46.46.103 ::
12346 0/1 default up 0:00:00:10
1 eth1 10.46.46.103 12446 10.46.46.103 ::
12446 0/0 default up 0:00:00:11


vBond# show orchestrator local-properties
personality vbond
sp-organization-name hamdibcd
organization-name hamdibcd
system-ip 1.1.255.2
certificate-status Installed
root-ca-chain-status Installed

certificate-validity Valid
certificate-not-valid-before Mar 19 20:17:23 2024 GMT
certificate-not-valid-after Sep 09 20:17:23 2029 GMT
chassis-num/unique-id 3b650ba7-7049-487d-a9e2-9bbf3dcc8354
serial-num D33A80FE42052F4B
number-active-wan-interfaces 1
protocol dtls

INSTANCE INDEX PORT VSMARTS VMANAGES STATE
----------------------------------------------
0 0 12346 2 4 up


0 Helpful

Go to solution
Kanan Huseynli
VIP
VIP
In response to hamdialhola94

‎03-23-2024 03:51 AM

I confused, did you solve the problem?

If not, clear control connection history by "clear control connection-history" wait for 5minutes and then provide show control connection-history from all controllers (for vbond use orchestrator keyword)

HTH,
Please rate and mark as an accepted solution if you have found any of the information provided useful.

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card