Managing Branch Sites

CHAPTER
4
Managing Branch Sites
After you have configured and setup the hub site, you can add devices to Cisco IWAN and provision them
to the sites.
You can add and provision the following two types of devices:
•
Greenfield Devices—Discovered by the Cisco Plug-n-Play (Cisco PnP) application. Greenfield
devices are brand new out-of-the-box routers.
•
Brownfield Devices—Discovered by the Cisco APIC-EM application. Brownfield devices belong to
existing sites that are added to Cisco IWAN.
This chapter contains the following sections:
•
Basic Workflow for Managing Branch Sites, page 4-1
•
Bootstrapping Greenfield Devices, page 4-2
•
Adding and Provisioning Greenfield Devices to the Branch Site, page 4-2
•
Adding and Provisioning Brownfield Devices to the Branch Site, page 4-7
•
Viewing Site Status Information, page 4-18
Basic Workflow for Managing Branch Sites
Table 4-1
Basic Workflow for Managing Branch Sites
No.
Task
Reference
1
Bootstrap devices discovered by the Cisco PnP Bootstrapping Greenfield Devices, page 4-2
application.
2
Add devices to Cisco IWAN and then
provision them to the sites.
Adding and Provisioning Greenfield Devices to the Branch Site,
page 4-2
Adding and Provisioning Brownfield Devices to the Branch Site,
page 4-7
3
View the site status.
Viewing Site Status Information, page 4-18
Software Configuration Guide for Cisco IWAN on APIC-EM
4-1
Chapter 4
Managing Branch Sites
Bootstrapping Greenfield Devices
Bootstrapping Greenfield Devices
You can bootstrap devices discovered by the Cisco PnP application. These devices are called Greenfield
devices.
Use this procedure to download a bootstrap file.
Procedure
Step 1
From the Cisco IWAN home page, click Manage Branch Sites. The Sites page opens.
Step 2
Click the Bootstrap tab. The bootstrap files that are available for download are displayed.
Step 3
From the Download column, click the download bootstrap icon to download the bootstrap file to a local
directory on your computer. You can use this file as a template for PnP call home.
After the Greenfield devices are provisioned to a site, the appropriate bootstrap file is automatically
uploaded on to the device.
For details, see the Cisco Open Plug-n-Play Agent Configuration Guide at:
http://www.cisco.com/c/en/us/td/docs/ios-xml/ios/pnp/configuration/xe-3e/pnp-xe-3e-book.html.
Adding and Provisioning Greenfield Devices to the Branch
Site
Use this procedure to add Greenfield devices that are discovered by the Cisco PnP application and
provision them to the branch site.
Note
•
Before you use the devices to provision the site, we recommend that you save the running
configuration in flash or bootflash in the IWAN_RECOVERY.cfg file so that you can restore the
configuration if needed.
•
There must be at least 16 VTY lines configured.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-2
Chapter 4
Managing Branch Sites
Adding and Provisioning Greenfield Devices to the Branch Site
Procedure
Step 1
From the Cisco IWAN home page, click Manage Branch Sites. The Sites page opens.
Step 2
Click the Device(s) tab. A list of unclaimed devices are displayed as shown in the following figure:
Field
Description
Checkbox
Choose this checkbox to choose the unclaimed device for provisioning.
Serial Number
Serial number of the device.
IP Address
IP address of the device.
Type
Type of device.
Site Name
Name of the site to which the device belongs. To edit the site name, double-click
it, and then add the new name.
Host Name
Device host name.
Discovered By
Can be one of the following:
Validation Status
•
PNP—Discovered by the Cisco PnP application. This is a Greenfield
device.
•
APIC—Discovered by the Cisco APIC-EM application. This is a
Brownfield device.
Displays the following for Greenfield devices:
•
N/A—Devices discovered by the Cisco PnP application.
Can be one of the following for Brownfield devices:
•
Success—Devices successfully validated and ready for provisioning to the
branch site. These devices are either discovered by the Cisco APIC-EM
application or are manually added by clicking the Add Device tab.
•
Failure—Devices that have must-fix errors. These devices are either
discovered by the Cisco APIC-EM application or are manually added by
clicking the Add Device tab.
•
Warning—You can choose to ignore these errors or fix them.These devices
are either discovered by the Cisco APIC-EM application or are manually
added by clicking the Add Device tab.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-3
Chapter 4
Managing Branch Sites
Adding and Provisioning Greenfield Devices to the Branch Site
Step 3
Step 4
Check the checkbox next to the Greenfield device(s) that you want to use, and then click the Provision
Site tab. The Select Topology tab opens and displays the available topologies.
Note
To determine if the device is Brownfield or Greenfield, look at the Discovered By column in the
Add Devices page. PNP indicates that it is a Greenfield device. APIC indicates that it is a
Brownfield device.
Note
You can choose a maximum of two devices.
Note
Greenfield and Brownfield devices cannot be part of the same site.
Click the topology that is appropriate for your network. The L2/L3 options display.
Note
Step 5
Click the L2 option. The Configure Topology page displays.
Note
Step 6
The topology options that display are dependent on the number of devices you selected in Step 3.
L3 is not supported on Greenfield devices.
From the Configure Topology page, specify the following properties:
Field
Description
Site Name
Site name, which you can change if needed.
Site Location
Click Set Geo to specify the site location on a map. A map opens. Click on the
site, the Site Location field is populated. Click anywhere outside the map to exit
the map.
POP to Connect
Choose the preferred hub site for this branch site from the drop-down list.
Select WAN
Choose the WAN from the drop-down list.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-4
Chapter 4
Managing Branch Sites
Adding and Provisioning Greenfield Devices to the Branch Site
Step 7
Configure WAN settings for the branch device. Do the following:
a.
Click the + icon next to the WAN cloud. The Configure WAN Cloud dialog box opens. Depending
on the WAN type you chose in Step 6. the fields that display in the Configure WAN Cloud dialog
box change.
b.
For an Public WAN, the Configure WAN Cloud dialog box displays the following fields. Enter the
required properties, and then click Save.
Field
Description
WAN Type
Public
Interface Type
Type of interface. Values: T1, E1, or Ethernet.
Interface
Choose the interface that connects to the WAN cloud from the drop-down list.
Connect to WAN
Connection method.
Enable
Choose one of the two radio buttons as appropriate:
•
Static IP—When selected, the following additional fields display: WAN IP
Address, WAN IP Mask, and WAN Gateway IP Address.
•
DHCP
Upload (Mbps)
Upload bandwidth (in Mbps).
Download (Mbps)
Choose the download bandwidth from the drop-down list.
Service Profile
Profile name configured in the Service Providers tab.
c.
For a Private WAN, the Configure WAN Cloud dialog box displays the following fields. Enter the
required properties, and then click Save.
Field
Description
WAN Type
Private
Interface Type
Type of interface. Values: T1, E1, or Ethernet.
Interface
Choose an interface from the drop-down list.
Connect to WAN
Connection method.
CE IP Address
Customer Edge Server IP Address. This field is auto-populated if the interface
has a static IP address already configured.
Note
Depending on the number of links that you created when setting up the
hub sites in the IWAN Aggregation Site, you might need to specify
additional IP addresses for CE devices.
CE IP Mask
The mask of the CE IP address.
PE IP Address
Provider Edge Server IP Address. This field is auto-populated if the interface
has an IP address and default gateway.
Download (Mbps)
Choose the download bandwidth from the drop-down list.
Service Profile
Profile name configured in the Service Providers tab.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-5
Chapter 4
Managing Branch Sites
Adding and Provisioning Greenfield Devices to the Branch Site
Step 8
Configure LAN settings. Do the following:
Displays the following for Greenfield devices:
Note
You can either create the LAN Greenfield IP address pool during hub provisioning; or you can
add it after hub provisioning for Greenfield deployments. When the LAN Greenfield IP address
pool is not present, the system automatically uses the generic pool IP address.
a.
Click the + icon next to the LAN. If site specific IP address pools are configured for the site, the
Configure VLAN dialog box opens.
b.
Enter the following properties, and then click Save:
Field
Description
LAN Interface
Site Interface
Enter or choose the LAN interface from the drop-down list.
VLAN
VLAN Type
Enter or choose a VLAN type from the drop-down list.
Default Values: Data, Guest, Voice & Video, or Wireless.
To create a custom VLAN, click the + icon in the last VLAN, and then enter the
name of the VLAN.
VLAN ID
Numeric value within the following ranges: 1 - 98; 100 - 1001; 1006 - 4094.
You cannot duplicate a VLAN ID.
Total IPs
Number of hosts in the VLAN.
Step 9
From the Provisioning Sites page, click Apply Changes. The Provisioning Site Summary dialog box
opens with a summary of the configuration.
Step 10
Review the information, and then do one of the following:
•
Click the Apply Now radio button, and then click Submit.
•
Click the Schedule radio button, specify a date and time to apply the site provisioning, and then
click Submit.
Note
The Apply Now option does not check for validations in conflict with future scheduled
workflows. You must reevaluate scheduled jobs based on the changes and update the jobs as
required. If there is a conflict when the scheduled job is activated, it might fail to provision
the site.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-6
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Adding and Provisioning Brownfield Devices to the Branch
Site
Use this procedure to add Brownfield devices that are discovered by the Cisco APIC-EM application and
provision them to the branch site.
Brownfield devices are not automatically displayed on the Devices tab. You must first add them to Cisco
IWAN, and then provision them to the branch site.
Note
•
Before you use the devices to provision the site, we recommend that you save the running
configuration in bootflash in the IWAN_RECOVERY.cfg file so that you can restore the
configuration if needed.
•
There must be at least 16 VTY lines configured.
•
Devices that are configured with SNMP version 2 or version 3 can be used as branch devices.
Procedure
Step 1
From the Cisco IWAN home page, click Manage Branch Sites. The Sites page opens.
Step 2
Click the Device(s) tab. The following page displays.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-7
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Step 3
To add a Brownfield device, click the Add Device tab. The Add Device dialog box opens and displays
a list of devices discovered by the Cisco APIC-EM application as shown in the following figure:
Note
Step 4
Alternatively, you can add devices using the Cisco APIC EM discovery feature.
Do one of the following:
•
Choose an existing Cisco APIC-EM discovered device—From the Devices Discovered by APIC-EM
area, click the radio button next to the device you want to add to Cisco IWAN, and then click Claim
Device (see above figure). The claimed device is added to the Devices page and is available for
provisioning.
•
Add a new device—Click Adding New Device (see figure above). The Add Device dialog box opens
where you specify the IP address for the new device and additional properties as shown in the
following figure and the table that follows, and then click Add Device:
Software Configuration Guide for Cisco IWAN on APIC-EM
4-8
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Field
Description
Router Management IP
IP address for the new device.
SNMP
Version
SNMP version number.
Depending on the version number you choose,
different properties display.
Read Community
SNMP V2C read community string.
(Displayed if you chose SNMP V2C.)
Software Configuration Guide for Cisco IWAN on APIC-EM
4-9
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Field
Description
Write Community
(Optional) SNMP V2C write community string.
(Displayed if you chose SNMP V2C.)
Mode
(Displayed if you chose SNMP V3.)
Auth. Type
(Displayed if you chose SNMP V3.)
Choose the mode from the drop-down list. Options
are:
•
Authentication and Encryption
•
No Authentication and No Encryption
•
Authentication and No Encryption
Displayed if you chose Authentication and
Encryption; or Authentication and No Encryption
in the Mode field.
Choose the authentication type from the
drop-down list. Options are:
•
HMAC-SHA
•
HMAC-MDS
Username
Displayed if you chose SNMP V3.
(Displayed if you chose SNMP V3.)
The authentication username.
Auth. Password
Displayed if you chose Authentication and
Encryption; or Authentication and No Encryption
in the Mode field.
(Displayed if you chose SNMP V3.)
The password for the authentication username.
Encryption Type
(Displayed if you chose SNMP V3.)
Displayed if you chose Authentication and
Encryption in the Mode field.
The encryption username.
Encryption Password
(Displayed if you chose SNMP V3.)
Displayed if you chose Authentication and
Encryption in the Mode field.
The password for the encryption username.
SNMP Retries and Timeout
Retries
Number of SNMP retries. Default: 3
Timeout (secs)
Number of seconds to wait before the system
considers an SNMP request to have timed out.
Default: 10
SSH/Telnet
Protocol
Protocol used to communicate to the host (SSH or
Telnet).
Username
SSH or Telnet username.
Password
SSH or Telnet password.
Enable Password
Enable password for the username.
Timeout (secs)
Number of seconds to wait before the system
considers an SSH or Telnet request to have timed
out.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-10
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
The device is verified in the background to determine if the device is suitable for provisioning.
The following occurs:
The Cisco IWAN application accesses the router and checks its configuration to determine if it
has any configuration that might conflict with the Cisco IWAN application. This is called
Brownfield Validation.
If the router does not have conflicting configurations, an orange icon appears on top of the
device and the Configure Router Dialog opens.
If the router has conflicting configurations, the Validation Status dialog opens listing all the
validation failures, as shown in the following figure:
I
c.
The validation status could be either Warning or Must Fix. Do the following:
– If the validation status is Warning, you can fix it or ignore it.
– If the validation status is Must Fix, remove the configurations suggested by the description, and
then click Revalidate.
For information about the messages displayed in the Validation Status dialog box, see Appendix A,
“Brownfield Validation Messages.”
Step 5
From the Devices page, check the checkbox next to the Brownfield device(s) that you want to provision
for a site, and then click the Provision Site tab. The Select Topology tab opens and displays the available
topologies.
Note
To determine if the device is Brownfield or Greenfield, look at the Discovered By column in the
Add Devices page. PNP indicates that it is a Greenfield device. APIC indicates that it is a
Brownfield device.
Note
You can choose a maximum of two devices.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-11
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Step 6
Click the topology that is appropriate for your network. The L2/L3 options display.
Note
Step 7
Depending on the LAN site configuration, click the appropriate L2/L3 option. The Configure Topology
page displays.
Note
Step 8
The topology options that display are dependent on the number of devices you selected in Step 5.
If the VLAN on branch devices are on the same subnet, choose L2. If the VLAN on the branch
devices are on different subnets, choose L3.
From the Configure Topology page, specify the following properties:
Field
Description
Site Name
Site name, which you can change if needed.
Site Location
Click Set Geo to specify the site location on a map. A map opens. Click on the
site, the Site Location field is populated. Click anywhere outside the map to exit
the map.
POP to Connect
Choose the hub that you specified in the IWAN Aggregation Site from the
drop-down list.
Select WAN
Choose the WAN from the drop-down list.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-12
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Step 9
Configure WAN settings for the branch device. Do the following:
a.
Click the + icon next to the WAN cloud. The Configure WAN Cloud dialog box opens. Depending
on the WAN type you chose in Step 8. the fields that display in the Configure WAN Cloud dialog
box change.
b.
For a Public WAN, the Configure WAN Cloud dialog box displays the following fields. Enter the
required properties, and then click Save.
Field
Description
WAN Type
Public
Interface Type
Type of interface. Values: T1, E1, or Ethernet.
Interface
Choose an interface that connects to the WAN cloud from the drop-down list.
Connect to WAN
Connection method.
Enable
Choose one of the two radio buttons as appropriate:
•
Static IP—When selected, the following additional fields display: WAN IP
Address, WAN IP Mask, and WAN Gateway IP Address.
•
DHCP
Upload (Mbps)
Upload bandwidth (in Mbps).
Download (Mbps)
Choose the download bandwidth from the drop-down list.
Service Profile
Profile name configured in the Service Providers tab.
c.
For a Private WAN, the Configure WAN Cloud dialog box displays the following fields. Enter the
required properties, and then click Save.
Field
Description
WAN Type
Private
Interface Type
Type of interface. Values: T1, E1, or Ethernet.
Interface
Choose an interface from the drop-down list.
Connect to WAN
Connection method.
CE IP Address
Customer Edge Server IP Address. This field is auto-populated if the interface
has a static IP address already configured.
Note
Depending on the number of links that you created when setting up the
hub sites in the IWAN Aggregation Site, you might need to specify
additional IP addresses for CE devices.
CE IP Mask
The mask of the CE IP address.
PE IP Address
Provider Edge Server IP Address. This field is auto-populated if the interface
has an IP address and default gateway.
Download (Mbps)
Choose the download bandwidth from the drop-down list.
Service Profile
Profile name configured in the Service Providers tab.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-13
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Step 10
Configure LAN settings. Do the following:
Click the + icon next to the LAN. If you selected L2 topology and the LAN interface is a physical
interface or a switchport interface, the Configure VLAN dialog box opens (see bellow). Choose the LAN
interface from the drop-down list, and then click Save.
Note
•
If you selected a dual router topology, the common VLANs between devices are displayed.
•
Make sure there are no site-specific IP address pools configured for Brownfield sites.
•
The VLAN information seen on the Configure VLAN dialog box is auto populated based on the
LAN interface that you selected on the router.
•
You cannot edit the auto populated information from the Configure VLAN interface dialog box.
•
You can either create the LAN Brownfield IP address pool during hub provisioning; or you can add
it after hub provisioning for brownfield deployments. When the LAN Brownfield IP address pool is
not present, the system automatically creates site-specific pools for the Brownfield devices.
If you selected L3 topology, the following Configure VLAN dialog box opens as shown in the following
figure. Do the following:
a.
Choose the LAN interface from the drop-down list. The IP address is automatically populated.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-14
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
b.
Click Save.
c.
If you have dual routers, choose the LAN interface for that device, and then click Save.
d.
Click the + icon above Routing Configuration. The LAN Routing Configuration dialog box opens
as shown in the following figure. Enter the properties and then click Save.
Note
VLANs are displayed per device.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-15
Chapter 4
Adding and Provisioning Brownfield Devices to the Branch Site
I
Software Configuration Guide for Cisco IWAN on APIC-EM
4-16
Managing Branch Sites
Chapter 4
Managing Branch Sites
Adding and Provisioning Brownfield Devices to the Branch Site
Field
Description
Site Prefix
Network prefixes auto-learned for the site.
Add Prefix button
Click this button to manually add additional site prefix.
Discovered Pane
Prefixes automatically discovered by Cisco IWAN.
Arrows
Click on the --> arrow to move the prefix from the Discovered pane into the
Selected pane.
Click on the <-- arrow to move the prefix from the Selected pane into the
Discovered pane.
Selected Pane
List of selected prefixes.
LAN Routing Protocol
Routing Protocol
Default routing protocol running on the devices. Can be: EIGRP or OSPF
Note
Area Number/AS
Number
EIGRP and OSPF are supported routing protocols, which means that
LAN-WAN redistribution is performed by Cisco IWAN. Cisco IWAN
does not perform LAN-WAN redistribution for BGP protocol.
Depending on the routing protocol, enter the following:
•
Area number for OSPF.
•
AS number for EIGRP.
Note
For a dual router site, make sure that the area numbers for OSPF and the
AS numbers for EIGRP are the same across both devices.
Step 11
From the Provisioning Sites page, click Apply Changes. The Provisioning Site Summary dialog box
opens with a summary of the configuration.
Step 12
Review the information and then do one of the following:
•
Click the Apply Now radio button, and then click Submit.
•
Click the Schedule radio button, specify the date and time to apply the site provisioning, and then
click Submit.
Note
The Apply Now option does not check for validations in conflict with future scheduled
workflows. You must reevaluate scheduled jobs based on the changes and update the jobs as
required. If there is a conflict when the scheduled job is activated, it might fail to provision
the site.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-17
Chapter 4
Managing Branch Sites
Viewing Site Status Information
Viewing Site Status Information
Use this procedure to view the information about the site and determine its overall status.
Procedure
Step 1
From the Cisco IWAN home page, click Manage Branch Sites. The Sites page opens.
Step 2
Click the Site(s) tab. The following properties appear:
Field
Description
Health
Health of the hub and health of the site.
App Health
Application heath for the hub.
Prime credentials must be configured to view this information.
Site
Click the hub name or site name as appropriate to display the following details:
•
Site status—Whether the site is provisioned.
•
Application status—Status of the application.
•
Alarms tab—If there are issues with the site, this tab provides information
about the problem. In addition, the system also provides suggestions to
troubleshoot and fix the problem.
•
Hub Topology or Site Topology tab—Topology of the site, including the
site name, site location, and preferred POP. Hover on the devices and WAN
clouds in the topology to get more details.
•
IP Address Allocation tab—List of devices, including the subnet mask and
the IP address pool to which the device is allocated.
•
Application tab—Application usage on the site in a graphical format. The
graph displays the following:
– Various applications configured for the site.
– Bandwidth usage for each application.
– Statistical trend for each application.
Location
Location of the site.
Status
Whether the site is provisioned.
Action
Can be one of the following:
•
Delete icon—Click to delete the site that has issues. See Deleting a Hub
Site, page 7-5, Deleting a Transit Hub, page 7-5, or Deleting Branch Sites,
page 7-6.
•
Recovery icon—Option available if recovery for this site is possible. See
Recovering a Cisco IWAN Site, page 7-4.
•
Update Site Prefix (pen) icon—Click to add or delete site prefixes after hub
provisioning. This option is only available for L3 Brownfield sites. See
Adding or Deleting Site Prefixes, page 7-8.
Software Configuration Guide for Cisco IWAN on APIC-EM
4-18
Download PDF
Similar pages