EMAIL SUPPORT
dclessons@dclessons.comLOCATION
AFAuthentication between vEdge Router & vManage NMS
Authentication between vEdge Router & vManage NMS
Once the vEdge router and vBond authorized each other, vEdge router receives its full configuration over DTLS connection with vManage NMS
Following are the steps:
- vEdge router establish a DTLS connection with vManage
- vManage will send the configuration file to vEdge Router
- After the Configuration file receive from vManage, vEdge will activate its full configuration
- vEdge router starts advertising prefixes to vSmart Controller
Below is the step by step described, how automatic authentication happens between vEdge and vManage
First vEdge router initiates an encrypted DTLS connection to the IP address of the vManage NMS. Over this encrypted Tunnel, vEdge and vManage will authenticate to each other.
Now let’s see how vEdge Router will authenticate the vManage NMS.
- vManage will send its trusted root CA signed certificate to vEdge Router
- vEdge Router uses it chain of trust to extract the organization name from certificate and match it with its own, if they don’t match it will tear down the DTLS connection.
- If the name matches , vEdge router uses its root CA chain to verify that vManage certificate is signed by root CA , if it is not so then vEdge router will tear down the connection
- And if the Root certificate is validated vEdge router now knows that vManage is valid and after this process authentication of vManage NMS is complete
Comment
TABLE OF CONTENTS
- Onboarding & Provisioning Configuring Templates
- Authentication between vSmart & vBond
- Authentication between vSmart Controller
- Authentication between vBond & vEdge Router
- Authentication between vEdge Router & vManage NMS
- Authentication between vSmart Controller & vEdge Router
- Viptela Specific Port Terminology
- Configure vManage & Generate Certificate
- Configure vBond & Generate Certificate
- Configure vSmart & Generate Certificate
- Configure vEdge & Generate Certificate
- Secure DataPlane Bringup
- Control Plane & Data Plane Operation - Unicast Routing Overview
- Configuring OMP & Its attributes
- Configure Unicast Overlay Routing
- Routing Configuration Example
- Segmentation Overview
- Configuring Segmentation
- Segmentation Configuration Example
- Data Traffic across Private WANs
- NAT in SDWAN & Data Encryption
- SD-WAN Viptela Policy Overview
- SD-WAN Centralized & Localized Control Policy Overview
- SD-WAN Centralized & Localized Data Policy
- Application – Aware Routing Overview
- Service Chaining
- Traffic Flow Monitoring
- vEdge Router as NAT Device
- Zone Based Firewalls
- Configuring Application Aware Routing
- Configure Centralized Control Policy
- Configuring Centralized Data Policy
- Configuring Cflowd Traffic Monitoring
- Configuring Zone based Firewall
- Service Chaining Configuration Example
- Configuring Service Side NAT
- Configuring Transport side NAT
RECENT POSTS
- Advancing Your Career with Cisco Data Center Mastery: A Comprehensive Guide to Nexus Training
- Securing Networks in the Digital Age: Your Guide to Mastering Cisco Identity Services Engine (ISE)
- Becoming an AWS Solution Architect: Your Path to Cloud Expertise
- Navigating Your Journey to Docker Expertise: Master Docker with Comprehensive Training and Certification
- Transform Your Azure Networking Expertise Through AZ-700 Training
- Why Choose DClessons for Your SD-WAN Velocloud Training Needs
- Next-Level Networking: Unlocking Cisco ACI and DCACIA Potential with DClessons
- Mastering Data Center Technologies with DClessons: A Comprehensive Guide to Cisco CCIE Data Center Training
- Why Choose Cisco SD-WAN Solutions with DClessons?
- What is Docker and Why is It Important?
LEAVE A COMMENT
Please login here to comment.