This article shows how to onboard a Branch Device using Versa Director.
Please refer to the reference deployment architecture here
Pre-requisites:
The device is already added on Versa Director using Workflows -> Devices as shown in this article and has status as Deployed.
Step 1:
For the script based Zero Touch Provisioning (ZTP), the user has to login to the Versa FlexVNF (CPE) as admin user.
Change to the scripts directory as shown below:
cd /opt/versa/scripts
$ sudo ./staging.py -w 0 -c 103.231.208.33 -s 103.231.208.45/30 -g 103.231.208.46 -l [email protected] -r [email protected]
-w Physical port number on the CPE which will be WAN port. 2nd port from left is considered port 0
-c IP address of Controller with which staging is to be performed.
-s Static IP address with prefix, to be assigned to the WAN port (0 in this case)
-g Next hop IP address for the WAN port.
-l Local Identifier for IPSec tunnel (on the branch)
-r Remote Identifier for IPSec Tunnel (on the Controller)
During staging the Branch establishes IPSec IKE tunnel with the Controller and these parameters are used for the same.
103.231.208.33/30:It is the WAN IP address of the Controller (Controller WAN interface towards the MPLS).
103.231.208.45/30: It is the WAN IP address of the Branch (Branch WAN interface towards the MPLS).
103.231.208.46: It is the MPLS router interfaces IP (MPLS Router interfaces towards the Branch).
The Local Auth identifier has standard format of [email protected]
How to find Remote Auth Identifier?
Appliance Context > Configurations > Controller name> Services > IP sec > VPN Profiles > Organization.
Click on the Task button on the top right side on the Screen and see the progress
Once the Branch is deployed, the Tunnel interfaces will be added.