Cisco CSR 1000V Series Cloud Services Router Software Configuration Guide
Configuring Support for Remote Management by Cisco Prime Network Services Controller (PNSC)
Downloads: This chapterpdf (PDF - 218.0KB) The complete bookPDF (PDF - 3.29MB) | Feedback

Table of Contents

Configuring Support for Remote Management by the Cisco Prime Network Services Controller

Configuring the Management Interface to Support Remote Management by the Cisco Prime Network Services Controller

Configuring Remote Management by Cisco Prime Network Services Controller

Enabling Remote Management by the Cisco Prime Network Services Controller Host

Disabling Remote Management by the Cisco Prime Network Services Controller Host

Configuring the Management Interface to Support Remote Management by the Cisco Prime Network Services Controller

You can use the Cisco Prime Network Services Controller to provision, manage and monitor the Cisco CSR 1000V. For information on feature support, see the “Managing the Router Using Cisco Prime Network Services Controller” section. This procedure configures the Cisco CSR 1000V management interface to support remote management using the Cisco Prime Network Services Controller.

SUMMARY STEPS

1. enable

2. configure terminal

3. interface mgmt-interface

4. ip address mgmt-ipv4-addr

5. no shutdown

6. exit

7. interface virtualportgroup virtual-port-group-number-number

8. ip unnumbered management-interface

9. no shutdown

10. exit

11. virtual-service csr_mgmt

12. vnic gateway virtualportgroup virtual-port-group-number-number

13. guest ip address remote-mgmt-ipv4-addr

14. exit

15. activate

16. end

17. ip route ip-address subnet-mask virtualportgroup virtual-port-group-number

DETAILED STEPS

 

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

interface mgmt-interface

 

Router(config)# interface gig1

Enters interface configuration mode for the management interface.

Step 4

ip address mgmt-ipv4-addr subnet-mask

 

Router(config-if)# ip address 172.25.29.235 255.255.255.128

Configures the IP address for the management interface.

Step 5

no shutdown

 

Router(config-if)# no shutdown

Enables the management interface.

Step 6

exit

 
Router(config-if)# exit

Exits interface configuration mode.

Step 7

interface virtualportgroup virtual-port-group-number-number

 
Router(config)# interface virtuaportgroup 0

Creates a virtual port group and enters virtual port group interface configuration mode.

Step 8

ip unnumbered management-interface

 
Router(config-if)# ip unnumbered gigabitethernet1

Enables IP processing on an interface without assigning it an explicit IP address.

Step 9

no shutdown

 
Router(config-if)# no shutdown

Enables the management interface.

Step 10

exit

 
Router(config-if)# exit

Exits virtual port group interface mode.

Step 11

virtual-service csr_mgmt

 

Router(config)# virtual-service csr_mgmt

Configures the csr_mgmt virtual services container and enters virtual services configuration mode.

Step 12

vnic gateway virtualportgroup virtual-port-group-number

 

Router(config-virt-serv)# vnic gateway virtualportgroup 0

Creates a vNIC gateway interface for the virtual services container and maps the vNIC gateway interface to the virtual port group.

Step 13

guest ip address remote-mgmt-ipv4-addr

 

Router(config-virt-serv-intf) guest ip address 172.25.29.236

Configures the remote-management IP address for the vNIC gateway interface for the virtual services container.

Step 14

exit

 

Router(config-virt-serv-intf)# exit

Exits virtual services interface configuration mode and enters virtual services configuration mode.

Step 15

activate

 

Router(config-virt-serv)# activate

Activates the csr_mgmt virtual services container.

Step 16

end

 

Router(config-virt-serv)# end

Exits virtual services configuration mode and enters global configuration mode.

Step 17

ip route ip-address subnet-mask virtualportgroup virtual-port-group-number

 
Router(config)# ip route 172.25.29.236 255.255.255.255 VirtualPortGroup0

Creates an IP route that maps to the virtual port group. Use the same IP address that was configured using the guest ip address command.

Configuring Remote Management by Cisco Prime Network Services Controller

Enabling Remote Management by the Cisco Prime Network Services Controller Host

The Cisco Prime Network Services Controller control point agent (CPA) is used to manage the interface between the Cisco CSR 1000V and the Cisco Prime Network Services Controller host. The Cisco Prime Network Services Controller CPA must be activated on the Cisco CSR 1000V before Cisco Prime Network Services Controller can be used to remotely manage the router.

You must use the Cisco IOS XE CLI to manually activate the Cisco Prime Network Services Controller CPA in the following situations:

  • If you did not enable Cisco Prime Network Services Controller support through bootstrap when you deployed the OVA.
  • If you are manually configuring the Cisco CSR 1000V when it is up and running.

For more information about installing the Cisco CSR 1000V by deploying the OVA, see the “Deploying the Cisco CSR 1000V OVA Template to the VM” section.

SUMMARY STEPS

1. enable

2. configure terminal

3. remote-management

4. pnsc host ipv4-addr local-port number shared-secret string


Note When remote management by Cisco Prime Network Services Controller is enabled using this command, the REST API PUT, POST, and DELETE operations are disabled. However, the GET operation is still available.


5. end

6. show remote-management status

DETAILED STEPS

 

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

remote-management

 

Router(config)# remote-management

Enters remote-management configuration mode.

Step 4

pnsc host ipv4-addr local-port number shared-secret string

 

Router(cfg-remote-mgmt)# pnsc host 172.25.29.234 local-port 8443 shared-secret ********

Enables remote management by Cisco Prime Network Services Controller and sets up the access to the Cisco Prime Network Services Controller host.

  • The ipvr-address represents the IP address of the Cisco Prime Network Services Controller host.
  • The local-port is the TCP port number for receiving the HTTPS requests from Cisco Prime Network Services Controller. The valid range is from 1 to 65535. There is no default port number. The local-port number should not be the same port number configured with the ip http port command.
  • The shared-secret configured in this step should match the shared-secret configured on Cisco Prime Network Services Controller. Once configured, only the encrypted version of the shared secret is displayed.

Note When remote management by Cisco Prime Network Services Controller is enabled using this command, the REST API PUT, POST, and DELETE operations are disabled. However, the GET operation is still available.


Step 5

end

 

Router(config-remote-mgmt)# end

Exits configuration mode and enters privileged EXEC mode.

Step 6

show remote-management status

 

Router# show remote-management status

RESTful-API: enabled

https port: 443

PNSC CPA: enabled

Host 172.27.208125 port 8443 shared-secret *******

Displays the Cisco CSR 1000V remote management settings.

Once remote management by Cisco Prime Network Services Controller is enabled, the following warning is displayed when entering the Cisco IOS XE CLI mode directly on the router:

WARNING: This device is managed by Prime Network Services Controller. RESTful API is read only. Changing configuration using CLI is not recommended.
 

See the Cisco Prime Network Services Controller documentation for more information.

Disabling Remote Management by the Cisco Prime Network Services Controller Host

SUMMARY STEPS

1. enable

2. configure terminal

3. remote-management

4. no pnsc host ipv4-addr local-port number shared-secret string


Note When remote management by Cisco Prime Network Services Controller is disabled using this command, the REST API PUT, POST, and DELETE operations are enabled.


5. end

6. show remote-management status

DETAILED STEPS

 

Command or Action
Purpose

Step 1

enable

 

Router> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

 

Router# configure terminal

Enters global configuration mode.

Step 3

remote-management

 

Router(config)# remote-management

Enters remote-management configuration mode.

Step 4

no pnsc host ipv4-addr local-port number shared-secret string

 

Router(cfg-remote-mgmt)# no pnsc host 172.25.29.234 local-port 8443 shared-secret ********

Disables remote management by Cisco Prime Network Services Controller.

Note When remote management by Cisco Prime Network Services Controller is disabled using this command, the REST API PUT, POST and DELETE operations are enabled.

Step 5

end

 

Router(cfg-remote-mgmt)# end

Exits configuration mode and enters privileged EXEC mode.

Step 6

show remote-management status

 

Router# show remote-management status

RESTful-API: enabled

https port: 443

PNSC CPA: disabled

Host 172.27.208.125 port 8443 shared-secret *******

Displays the Cisco CSR 1000V remote management settings.