![]() IoT FND and the TPS Proxy to talk to one another (refer to Cisco IoT Field Network Director Installation Guide- Oracle Only Deployment, Release 4.3.x, 4.4.x, 4.5.x and 4.6.x, “Setting Up the TPS Proxy” and “Configuring IoT FND to Use the TPS Proxy”). You must generate the keystore files on the IoT FND and TPS Proxy before configuring tunnel provisioning. This is the sequence of events after a FAR is turned on: Before you begin Tunnel provisioning happens automatically. Import the FARs into IoT FND using the Notice-of-Shipment XML file.Īfter completing the previous steps, deploy the FARs and power them on. This step is typically performed at the factory where the FARs are configured to contact the TPS Proxy. Modify the default tunnel provisioning templates.Ĭonfiguring Tunnel Provisioning TemplatesĬonfigure FARs to contact IoT FND over HTTPS through the IoT FND TPS proxy. (Optional) If you plan to use your own templates for tunnel provisioning, create one or more tunnel provisioning groups and Review the IoT FND tunnel provisioning templates to ensure that they create the correct type of tunnel. See “Managing Devices” chapter in Cisco IoT Field Network Director User Guide, Release 4.2.x. See “Managing Devices” chapter in Cisco IoT Field Network Director User Guide, Release 4.2.x See the “Configuring Provisioning “Managing System Settings” chapter in Cisco IoT Field Network Director User Guide, Release 4.2.x and greater.Ĭonfigure HERs to allow management by IoT FND using NETCONF over SSH.Ĭonfiguring HERs before adding them to IoT FND. This property is uploaded for each router using the CSV file.Ĭonfigure the NMS URL and the DHCP proxy client settings on the Provisioning Settings page in IoT FND ( ADMIN > System Management > Provisioning Settings). When using a FlexVPN/DMVPN for a FAR, a new property ‘optimizeTunnelProv=true’ is used to tell FND to avoid HER configurationĭuring the Tunnel Provisioning of the device (router). In IoT FND 4.6.1 release and greater you can user the “Tunnel Provisioning Optimization” feature that allows the following: Ensures that the template only contains addresses for the loopback interface.Ĭonfiguring the DHCP Server for Tunnel Provisioning Note The default IoT FND tunnel provisioning templates configureĪ loopback interface and the IP addresses required to create the tunnels.Ĭisco IOS CGRs/FARs use FlexVPN. To configure IoT FND for tunnel provisioning:Ĭonfigure DHCP servers to provide unique IP addresses to IoT FND. Tunnel Provisioning Configuration Process This initial approach of bringing up your network without a factory configurationĭoes not preclude subsequent use of IPSec in your network Provisioning Template is empty of any CLI. Before you configure IoT FNDįor tunnel provisioning, ensure that the IoT FND TPS Proxy is installed and running.īeginning with IoT FND Release 3.1.x, you have the option to initiate ZTD with no IPSec configured by ensuring that the Tunnel After that, whenever a FAR comes online, IoT FND automatically provisions it with a tunnel. In Tunnel Provisioning Configuration Process. Although the tunnel provisioning process is automatic, you must first complete the configuration steps outlined IoT FND provides basic tunnel configuration templates containing the CLI tunnel configuration commands. To provision tunnels between HERs and FARs, IoT FND executes CLI tunnel configuration commands on these devices. Tunnels Connect FARs and their Corresponding HERs HER can serve up to 500 FARs, which may include multiple tunnels with the same HER EID and name.įigure 1. The default IoT FND templates contain CLI commands to set up and configure GRE and IPsec tunnels. IoT FND sends the commands generated from processing the tunnel provisioning templates to FARs and HERs to provision secure This section describes how to configure IoT FND for tunnel provisioning and how to manage and monitor tunnels connecting FARs Preparing IoT FND for IXM Zero Touch Deployment.Gateway Bootstrap Configuration Template.Configuring the HER Tunnel Deletion Template.Configuring the Head-End Router Tunnel Addition Template. ![]() ![]() Configuring the Field Area Router Tunnel Addition Template.Configuring Tunnel Provisioning Templates.Configuring DHCP for Tunnel Provisioning Using CNR.Configuring the DHCP Server for Tunnel Provisioning.Tunnel Provisioning Configuration Process.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |