I'm working on building my 3rd SD-WAN topology and each time, I circle back to your videos 1) because they are awesome 2) make sure I covered everything. Best advice I can offer someone is to plan out your L3 connections before you start configuring/deploying. Use drawio, design out (roughly) what you want to build. Good luck & have fun! Casey.
@RobRikerTechChannel
2 жыл бұрын
Awesome man, thanks for the kind words! Good luck on the 3rd trip!
@floriancokl3142
3 жыл бұрын
Thank you very much Rob for this wonderful series - fantastic job
@majdghiba5136
3 жыл бұрын
Awesome Rob! well done, very informative. Thanks
@ronanamelin
Жыл бұрын
Great vid. What`s the config if the INET router though ?
@nab3609
Жыл бұрын
Awesome - Thanks a lot Rob
@cfental4023
Жыл бұрын
many tnx Rob. excellent job here . could you show how to on-board a c-edge? CSR.
@alexchamorro1884
2 жыл бұрын
Gracias por el video , saludos de Peru..!!
@bitali19
3 жыл бұрын
thanks thanks thank you dear feloow. thanks a ton....i finally loaded fully functionals lab
@borisavezov2989
3 жыл бұрын
Got it work done with vEdge 1 and vEdge2 setup
@stevenwilliams7774
2 жыл бұрын
Recently seen an issue after leaving lab powered up overnight that vEdges drop the static default route. I was just rebooting them to fix the issue, but now I have found that "no track-default gateway" under system config will fix this issue long term.
@georgiostapoglou-fotakis3760
Жыл бұрын
Hello Rob. Amazing video series, thank you very much for the effort. I have run into a strange issue that i've been troubleshooting for hours. After having onboarded all the controllers, I can see all the dtls connections working fine. However, when I try to onboard an edge device, following the steps on the video, vManage registers it as a vBond, replacing the actual vBond system IP with the new vEdge on the GUI. Do you have any ideas on where I am messing up? Im fairly confident the config is correct on both vbond & vedge, since I have gone through it many times. Thanks!
@RobRikerTechChannel
Жыл бұрын
never had that issue. I used 18.4 code in my lab. I don't know why your having that issue
@georgiostapoglou-fotakis3760
Жыл бұрын
@@RobRikerTechChannel Thanks for taking the time to respond anyway. I'm using 20.3 btw.
@georgiostapoglou-fotakis3760
Жыл бұрын
@@RobRikerTechChannel Hello. Just in case you are interested/need to respond to someone else who has the same issue, I changed the vedge version to 19.x and did the same config with both XCA and cisco IOS ca and it worked instantly both times. Controllers are still 20.3.
@YaficoVideo
2 жыл бұрын
I was having an issue where my vEdges would lose their connectivity. When i checked the 'show control connections' command on the vEdges, I would see they lose their connection to vManage (connect state). Then they would come back en go down again. 'show control connection-history' would show a DCONFAIL - DTLS connection failure. Spent 2 days troubleshooting. vManage GUI would show vEdges being down and coming back up... The issue was caused by interface eth1 on vManage which in the video is connected to the mgmt cloud in EVE-NG. Mine was setup like that as well and the interface was configured as a DHCP client and I could ping google from my vManage. Configured a static IP address on interface eth1 and this solved the issue. All vEdges are now stable up. Hope this helps others...
@KhantLwinHtay-sb8nl
5 ай бұрын
Thanks a lot
@zaidiatifs
2 ай бұрын
you already have wan edge list uploaded to vmanage, how did u do that ? my lab is completely up but i am stuck because of this wan edge list
@andreipatergin8967
2 жыл бұрын
Hi Rob, thank you for the videos. I had a quick question is it possible to use Cisco SD-WAN over private MPLS without ipsec encryption?
@hansleymooken4771
2 жыл бұрын
fantastic!
@alexandrubarbu5366
2 жыл бұрын
Hi Rob! Great work! What about onboarding the cEdges? The CSR 1000v or the Catalyst 8Kv?
@RobRikerTechChannel
2 жыл бұрын
You need a vEdge list for the CSRs. I haven't tried the Cat 8 or Cat 9 yet
@fantas1st07sr2
Жыл бұрын
Hello Rob, My BFD does not rise, what could be the problem ? Config BFD: bfd color public-internet, bfd app-route multiplier 3, bfd app-route poll-interval 1000. OMP is UP all vEdges and vSmart. And All devices look each other through ping.
@romemadali84
3 жыл бұрын
nice, this is awesome
@YaficoVideo
2 жыл бұрын
Disregard my previous comment. It took about 15 minutes for the vEdge to appear in the GUI and seems to work with version 18.4.5. It did not work with 18.4.4. Thanks.
@joyantadebnath8603
2 жыл бұрын
hi Rob, i am facing problem. when i add vedge1 to vmange at that point my vbond went down. no information showed in vedge section but it replaced the vbond system ip and hostname. at that point in vbond section vedge hostname and system-ip showed up. thanks for the tutorial
@brohamad2910
4 жыл бұрын
Would you be able to provide the configs for INET and mpls routers? Or they are provided in the next videos?
@RobRikerTechChannel
4 жыл бұрын
Not much to them, interface configurations and a static route on the INET router that points to the DC-SW. Same with MPLS with BGP configuration. Each vEdge peers with the MPLS routers, so does the DC-SW. That's the whole configuration.
@brohamad2910
4 жыл бұрын
Rob Riker's Tech Channel Thank you!
@FaridPangos
2 жыл бұрын
Hi Rob, Why do you have to send the vEdges list to the controllers if you already did that on vBond and vManage with the line: "request vedge add chassis -num xxxxx serial-num yy" ?
@RobRikerTechChannel
2 жыл бұрын
that's how I was shown how to do it.
@joyantadebnath2797
2 жыл бұрын
hi there, i am facing one problem. when i add vEdge1 at that point my vbond went down and in the controller, vedge data shows in controller vbond.
@vaaghran
3 жыл бұрын
Hi Rob, just finished configuring the lab that you are using for SD-WAN here. I am running into some strange issues with the WAN edges. They stay stable for about 20 minutes or so. By stable I mean, they are authenticated by the controllers, certificates show valid, control connections are up (on public and mpls side both), orchestrator connections looks good, omp and bfd peers also like they are supposed to on both transports. Then something happens and one of the WAN edges (random one) will disable one of its TLOC, either mpls or public. And soon after that the omp goes down on that transport too. If I see show control connections-history it says that the "Challenge rejected by peer and BoardID not verified.". The WAN edge tears down the DTLS connection at this point. BFD sessions with other vedges are also torn. When I check show orchestrator valid-vedges the chassis-numbers and serial numbers are correct. In Vmanage, the GUI shows the WAN edge list all vEdge clouds green and certificates aok. After about a few minutes, the other TLOC on the WAN edge goes down as well and the DTLS connection is torn down for the same reasons mentioned. The Vmanage then declares the vEdge unreachable. Eventually all Vedges will go down in this fashion. I am failing to understand what is going on here. The debug output is pretty cryptic as well. I did collect some system manager and chassis manager logs to investigatem but no luck so far. The configs are the same, the certificates are valid, clocks are all synched to America/New_York, holy cow!. I am using 18.4.4 today. I have tried this on 18.4.5,19.2.3 and 20.3.2 all suffering the same fate. Any help on this matter would be greatly appreciated.
@vaaghran
3 жыл бұрын
All configuration up to video 5 is done in my lab. I am running eve-pro on ESXI with pretty beefy resources so I don't think my issue is related to the controllers not having enough juice. I am giving 8 vCPUs and 30 GB ram to the vmanage, 2 vCPUs and 4 GB ram each to vbond, vsmart and the wan edges. The routers in the middle are also given 3 GB ram each.
@RobRikerTechChannel
3 жыл бұрын
very weird, never ran into that issue. It's possible it's the routers acting as the Inet and MPLS maybe causing it. I did do some tests with CSR1000v with 16.6 code that support 1Mbps throughput. You might try that. Or use the bridge option in EVE, it might help, one subnet per bridge versus several subnets, I believe the bridge is line rate, so gigabit.
@vaaghran
3 жыл бұрын
@@RobRikerTechChannel Do you think its something to do with the ESXI host? I have applied the vsphere essentials license on it as well which allows you to use both physical CPUs and the core limits are removed. I will give the 16.6 CSR router a try and see what happens. Using the bridge option seems like going out of the way to solve a problem like this, but oh well.
@vaaghran
3 жыл бұрын
How much resources you gave to the CSRs when testing?
@vaaghran
3 жыл бұрын
@@RobRikerTechChannel Tried both solutions you suggested, alas the behaviour is the same. What is strange is that after about 20 minutes or so the vEdge router breaks its BGP connection to the MPLS router. Then the next hop IP address is not pinging. Of course all control connections are down at this point on the MPLS side, but public internet is working. After even some more time passes the public one goes down as well and I can't ping the next hop IP. I think this is a certificate serial number issue. The WAN edge list file is going to be needed it seems. I am willing to pay for it as well, because I am not associated with any Cisco partner. Not sure how to go about doing this.
@dimitrisplatias4879
4 жыл бұрын
Hello Rob really amazing job here whole sdwan series is very comprehensive. Although i have some troubles to understand the theory of the process to install certificates between CA server and vedge/vmanage/vbond etc... The first generated certificate from CA server involve public and private key? Can you give an example with the steps in order to install the certificate between vedge and CA ? Thank you in advanced
@RobRikerTechChannel
4 жыл бұрын
I cover this in the video download the root cert from the CA and install it on the vEdge generate the CSR, copy it, paste it into the CLI of the CA, take generated signed ID cert back to vEdge and paste in install signed ID cert not sure if this is what you wanted or not.
@xXV1ralXx
3 жыл бұрын
Thank you, Rob! Does anyone know if there is a way to onboard CSR100v routers as part of this lab without having Cisco Smart Account?
@RobRikerTechChannel
3 жыл бұрын
Not that I know of
@xXV1ralXx
3 жыл бұрын
@@RobRikerTechChannel Thank you :)
@brohamad2910
4 жыл бұрын
Hey Rob. What version of viptela you’re using? I am stuck at the point where i onboard the vEdges. I have reachability and certa are installed successfully but when i add vEdge1 in vManage CLI for example it doesn’t show up in vManage gui neither the CLI. Is the only way to get the vedges list signed from cisco website? Or i have to run an older version? I am running 18.4.5. BTW, i have gotten the SN# and the Chassis num.
@RobRikerTechChannel
4 жыл бұрын
make sure that the certificate is valid when you install it. if the cert is valid, then the vManage won't show it in the gui. I'm uaing 18.4.3. If you've gotten the SN# and chassis number, the cert should be valid. I'm not sure why it doesn't show up.
@brohamad2910
4 жыл бұрын
Rob Riker's Tech Channel Thank you for the quick response! glad I didn’t give up quickly. I had to add them in vBond and now i can see them in vManage.
@RobRikerTechChannel
4 жыл бұрын
@@brohamad2910 Nice! I followed the directions I had been given, which stated add to the CLI of vManage and vBond and BOOM, they show up! Good on ya!
@brohamad2910
4 жыл бұрын
Rob Riker's Tech Channel yep, i went back in the video and got it. Really enjoying this lab and all the valuable info you’re providing. Thank you!
@aliattashsaify5400
3 жыл бұрын
Hey buddy me who added the chassis number as well as the serial number in vmanage and also vbond but the vedges do not appear in vmanage GUI
@YaficoVideo
2 жыл бұрын
Thanks for the great video Rob. I am having the same issue with the vEdge not appearing in the vManage GUI. I have followed the exact same steps and did not receive any error message. Got the same messages as you did, but my vEdges do not appear. I am running version 18.4.5 for everything. Also tried with version 18.4.4, but same issue. Any idea?
@chaimaamouhcine3811
2 жыл бұрын
Did you fix the problem? Ihave the same issue and don't know what to do. Do u have any tips?
@stevenwilliams7774
2 жыл бұрын
Anyone else have an issue where you have to clear arp on your interface vlan where you vmanage server lives on the mgmt interface to get access again? I find myself having to do this a lot.
@Valtrom87
4 жыл бұрын
Thanks!
@momondour571
3 жыл бұрын
HI Rob, Currently you are using which version for the CSR1000v in EVE-ng, I have version 16.9 but it doesn't work.
@RobRikerTechChannel
3 жыл бұрын
Not using CSRs at all in the topology. Only IOSv.
@robertbilek9040
Жыл бұрын
Are you using the SD-WAN version of CSR1000v? I once accidentally downloaded the regular ios-xe version and couldn't understand why sd-wan commands weren't working.
@rajradia6367
4 жыл бұрын
hi, Thanks for the Excellent video. Do we need to create a smart account to enable us to register the Vedge devices?
@RobRikerTechChannel
4 жыл бұрын
nope, not needed.
@aliattashsaify5400
3 жыл бұрын
I used to use version 20 but i couldn't download the root-cert-chain via tftp from CA-Server i changed the version to 19.1.0 it was all good untile the vedges do not appear in vManage
@joyantadebnath8603
2 жыл бұрын
@@aliattashsaify5400 20 have some problem, use 19 and hope it will resolve the probelm
@vincekimcostales6658
Жыл бұрын
can you give us the serialfile that you use?? because my account is restricted to generate license file, thanks
@RobRikerTechChannel
Жыл бұрын
Never needed it, what I use, is what you see, nothing is hidden.
@borisavezov2989
3 жыл бұрын
got it worked
@vaaghran
4 жыл бұрын
Hi Rob have you tried playing around with IOS-XE-SDWAN on CSR1000v cli? I am trying to find documentation but not getting anything concrete. There is no option in the cli to configure the transport and service vpns for SDWAN. I am running csr1000v-ucmk9.16.12.4a.qcow2 in eve-ng.
@vaaghran
4 жыл бұрын
following this document to make second lab. Learned a LOT from your lab. www.cisco.com/c/dam/en/us/td/docs/solutions/CVD/SDWAN/SD-WAN-End-to-End-Deployment-Guide.pdf
@RobRikerTechChannel
4 жыл бұрын
only played a little bit with that, at some point i'll dive into it.
@vaaghran
4 жыл бұрын
@@RobRikerTechChannel The crooked thing is that I am not able to find any configuration guides on Cisco's website talking about the different aspects of the configuration. Don't know if I am missing something.
@RobRikerTechChannel
4 жыл бұрын
doubt you'll find it there, I've had to check independent blogs and youtube videos that cover it.
@robertw3885
9 ай бұрын
Ok, this is messed up. Your lab here shows vIOS images for the INET and the MPLS routers but the downloadable topology and the configs that I had to join and pay $10.81 show a CSR router. WTF?
@RobRikerTechChannel
9 ай бұрын
Ok, so? I'm failing to see your issue. Interface nomenclature? G1 vs G0/1?
@okeychimeh977
3 жыл бұрын
Thanks a lot Rob .. I hit a brickwall onboarding vedges .. When i onboard a 2nd vedge it knocks out the 1st one from vmanage.. I noticed they have the same chasis number though different serial numbers. Please what could I be doing wrong & can I remedy that ?
@RobRikerTechChannel
3 жыл бұрын
what do you get as an output from "show certificate serial"?
@okeychimeh977
3 жыл бұрын
As sample of the the "show certificate serial" from the vedges in my lab.. 23fbbb83-cfbe-462e-9f12-36adfea22344 serial number: 06 23fbbb83-cfbe-462e-9f12-36adfea22344 serial number: 05 23fbbb83-cfbe-462e-9f12-36adfea22344 serial number: 07
@RobRikerTechChannel
3 жыл бұрын
No idea, never seen that issue before. I can only suggest rebooting EVE, redeploy EVE and start over. I honestly have no idea.
@okeychimeh977
3 жыл бұрын
Already rebooted .. Will try a reinstall ( already sweating thinking about it ) & revert tommorow. Thanks
@luisribeiro9527
3 жыл бұрын
Any idea if a similar process can be used to onboard a cEdge (IOS XE)?
@RobRikerTechChannel
3 жыл бұрын
Go check out @Terry Vinson's Channel.
@luisribeiro9527
3 жыл бұрын
@@RobRikerTechChannel Thanks!
@aliattashsaify5400
3 жыл бұрын
Hey thanks rob thanks for your beautiful video i am using version 19.1.0 i just installed root-cert-chain on vedge added the chassis number as well as the serial number in vmanage and also vbond but the vedges do not appear in vmanage GUI
@RobRikerTechChannel
3 жыл бұрын
Only time I had an issue was when the certificate on the vEdges wasn't valid yet. Other than that, it took a few minutes to show up. 18.4 was my version, you might see some inconsistencies from my video
@aliattashsaify5400
3 жыл бұрын
@@RobRikerTechChannel Wow man that was absolutely right the Certificate was not valid i made some changes to CA Server configs, now i sync them and it works fine i just added my 4 vedges and pushed it to controllers Thanks rob once again, you are one of the best IT KZitemr currently
@chaimaamouhcine3811
2 жыл бұрын
@@aliattashsaify5400 what changes did u make to CA server config please?
@theuniverse8801
3 жыл бұрын
Can someone share INT & MPLS routers config ?
@RobRikerTechChannel
3 жыл бұрын
Become a member to access the configurations.
@bhuvagaurav1120
3 жыл бұрын
@@RobRikerTechChannel how to become member ?
@RobRikerTechChannel
3 жыл бұрын
@@bhuvagaurav1120 click join on a video, next to subscribe.
@goharali9397
2 жыл бұрын
Hello Sir, How are you, I like you channel and recomend for every one its a very best channel for SDWAN learning, Sir if you don't mind could you shere this topology with me. thank you very much. CCIE # 47481 HCIE # 9339
@borisavezov2989
3 жыл бұрын
vEdge2# request root-cert-chain install home/admin/PKI.ca Uploading root-ca-cert-chain via VPN 0 Copying ... /home/admin/PKI.ca via VPN 0 Error: Not a valid certificate Failed to install the root certificate chain !! vEdge2#
Пікірлер: 121