Configure Crosswork Data Gateway

This section contains the following topics:

View Current System Settings

Cisco Crosswork Data Gateway allows you to view the following settings:

Management and South/North-bound Data Addresses
NTP
DNS
Proxy
UUID
Syslog
Certificates

Follow these steps to view the current system settings:

Procedure

Step 1

From the Main Menu, select 2 Show System Settings, as shown in the following figure:

Step 2

Click OK. The Show Current System Settings menu opens.

Step 3

Select the setting you want to view.

Setting Option

Description

1 Management and South/North-bound Data Addresses

Displays the addresses of the management, northbound, and southbound interfaces.

Note

Northbound is not applicable to Cisco Crosswork Data Gateway Cloud deployment.

2 NTP

Displays NTP settings.

It is important that NTP time be synchronized with the controller application and its Cisco Crosswork Data Gateway instances.

If not, then session handshake doesn’t happen and functional images are not downloaded. In such cases, error message clock time not matched and sync failed is logged in controller-gateway.log. To access log files, see Run show-tech.

You can use Controller Reachability and NTP Reachability options from Main Menu > Vitals to check NTP reachability for the controller application as well as the Cisco Crosswork Data Gateway instance. See View Cisco Crosswork Data Gateway Vitals. If NTP has been set incorrectly,you will see error Session not established.

To configure NTP settings, see Configure NTP.

3 DNS

Displays addresses of the DNS servers.

4 Proxy

Displays proxy server settings if there's any.

5 UUID

Displays the unique identifier of the Cisco Crosswork Data Gateway VM.

6 Syslog

Displays syslog settings.

The Controller Gateway doesn't send a start event to the Syslog server. Also, SNMP, MDT, and CLI events are not updated in the local syslog file, but are sent to the external syslog server. To configure syslog settings, see Configure Syslog.

7 Certificates

Provides the following options to view certificate files:

Collector certificate file
Controller signing certificate file
Controller SSL/TLS certificate file
Syslog certificate file

Step 4

Click OK. Cisco Crosswork Data Gateway displays the selected setting.

After you are done viewing the settings, press any key to return to the Show Current System Settings menu.

To return to the Main Menu, select x Exit Menu and click OK.

Change Current System Settings

Note

Cisco Crosswork Data Gateway System settings can only be configured by the Administrator.
In settings options where you require to use SCP, if you are not using the default SCP port 22, you can specify the port as a part of the SCP command. For example,
```
-P55 user@host:path/to/file
```
where 55 is a custom port.

Cisco Crosswork Data Gateway allows you to change the following settings:

NTP
DNS
Control Proxy
Static routes
Syslog
SSH keys
Certificate

Follow these steps to change the current system settings:

Procedure

Step 1	From the Main Menu, select 3 Change Current System Settings, as shown in the following figure.
Step 2	Click OK. The Change System Settings menu opens.
Step 3	Select the setting you want to change.
Step 4	Click OK. Cisco Crosswork Data Gateway prompts you to input new value for the selected setting.
Step 5	After you have entered the new settings, click OK to save the settings and return to the Change System System Settings menu. To return to the Main Menu, select x Exit Menu and click OK.

Configure NTP

Procedure

Step 1	From the Change Current System Settings Menu, select 1 Configure NTP and click OK.
Step 2	Enter the new NTP server.
Step 3	Click OK to save the settings.

Configure DNS

Procedure

Step 1	From the Change Current System Settings menu, select 2 Configure DNS and click OK.
Step 2	Enter the new DNS domain and server address.
Step 3	Click OK to save the settings.

Configure Control Proxy

Procedure

Step 1	From the Change Current System Settings menu, select 3 Configure Control Proxy and click OK.
Step 2	Enter the new Proxy server URL and the exception list.
Step 3	Click OK to save the settings.

Configure Static Routes

Configuring static routes from the Main Menu is available only to fix any issues with static routes configuration done by the Route Manager.

Note

If static routes are configured directly from the Main Menu without updating static routes in the controller application, then those static routes will be lost next time Cisco Crosswork Data Gateway reboots.
Northbound interface is not applicable to Cisco Crosswork Data Gateway Cloud deployment. Therefore, in Cloud deployment, the Add and Delete static routes options are applicable only to the Management interface and Southbound interface.

Add Static Routes

Procedure

Step 1	From the Change Current System Settings menu, select 4 Configure Static Routes and click OK.
Step 2	To add a static route, select a Add and click OK.
Step 3	Select the interface for which you want to add a static route and click OK.
Step 4	Select the IP address version for which you want to add a route and click OK.
Step 5	Enter IPv4/IPv6 subnet in CIDR format when prompted.
Step 6	Click OK to save the settings.

Delete Static Routes

Procedure

Step 1	From the Change Current System Settings Menu, select 4 Configure Static Routes and click OK.
Step 2	To delete a static route, select d Delete and click OK.
Step 3	Select the interface for which you want to delete a static route and click OK.
Step 4	Select the IP address version for which you want to delete a route and click OK.
Step 5	Enter IPv4/IPv6 subnet in CIDR format.
Step 6	Click OK to save the settings.

Configure Syslog

Note

For any Syslog server configuration with IPv4/IPv6 support for different linux distributions, please refer your system administrator and configuration guides.

Procedure

Step 1

From the Change Current System Settings Menu, select 5 Configure Syslog and click OK.

Step 2

Enter the new values for the following syslog attributes:.

Server address: IPv4 or IPv6 address of a syslog server accessible from the management interface. If you are using an IPv6 addres, it must be surrounded by square brackets ([1::1]).
Port: Port number of the syslog server
Protocol: Use UDP, TCP, or RELP when sending syslog.
Use Syslog over TLS?: Use TLS to encrypt syslog traffic.
TLS Peer Name: Syslog server's hostname exactly as entered in the server certificate SubjectAltName or subject common name.
Syslog Root Certificate File URI: PEM formatted root cert of syslog server retrieved using SCP.
Syslog Certificate File Passphrase: Password of SCP user to retrieve Syslog certificate chain.

Step 3

Click OK to save the settings.

Create New SSH Keys

Procedure

Step 1	From the Change Current System Settings Menu, select 6 Create new SSH keys.
Step 2	Click OK. Crosswork Data Gateway launches an auto-configuration process that generates new SSH keys.

Import Certificate

Updating any certificate other than Controller Signing Certificate causes a collector restart.

Procedure

Step 1

From the Change Current System Settings Menu, select 7 Import Certificate and click OK.

Step 2

Select the certificate you want to import and click OK.

Note

Option 1 Controller Signing Certificate File is not applicable for Cloud deployment. Selecting this option will cause Cisco Crosswork Data Gateway to throw the following error:

For a Crosswork Cloud deployment,
the change of Controller Signing
Certificate is not allowed.

Step 3

Enter SCP URI for the selected certificate file and click OK.

Step 4

Enter passphrase for the SCP URI and click OK.

Cisco Crosswork Data Gateway 1.1.1 Installation and Customization Guide for Cloud Deployment

Bias-Free Language

Book Title

Cisco Crosswork Data Gateway 1.1.1 Installation and Customization Guide for Cloud Deployment

Chapter Title