Locating CCR and Tenant Information

Locating CCR and Tenant Information

There are several pieces of CCR and tenant information that you need to enable connectivity between the Cisco Cloud Network Controller and the ISN devices. You should be able to get this information through Cisco Nexus Dashboard Orchestrator (Sites > Configure Infra > Download IPN Device Config files only). However, if you find that you need to manually gather the CCR and tenant information, the following sections provide instructions for locating this information.

Information for the CCR

Necessary AWS Information

Your Entry

How To Locate This Information in the AWS Site

Elastic IP address of the third network interface of a CCR

  1. Go into Instances in the EC2 Dashboard in the AWS Management Console.

  2. Choose a CCR instances (click the box next to a CCR instance).

  3. Scroll down until you see Network interfaces on the right side, then click the eth2 link and locate the IP address shown in the Public IP address field.

Public IP address for a CCR

  1. Go into Instances in the EC2 Dashboard in the AWS Management Console.

  2. Locate a CCR instance.

  3. Copy the IP address shown in the IPv4 Public IP column for that CCR instance.

Preshared key for a CCR

  1. Log into a CCR:

    ssh ip-address

    where ip-address is the public IP address for the CCR.

  2. Get the crypto keyring information:

    show running-config | include pre-shared-key

    Output similar to the following appears, where the preshared key is highlighted:

    pre-shared-key address 192.0.2.15 key 123456789009876543211234567890

Peer tunnel IP address for the on-premises IPsec device to a CCR

  1. Log into a CCR:

    ssh ip-address

    where ip-address is the public IP address for the CCR.

  2. Enter the following command:

    show ip interface brief | include Tunnel2

    Output similar to the following appears:

    
Tunnel2              30.29.1.1      YES  NVRAM   up       down

  3. Take the IP address for this tunnel and increment the address by one to get the peer tunnel IP address for the on-premises IPsec device to the CCR.

    For example, if the IP address shown in the output is 30.29.1.1, then the peer tunnel IP address for the on-premises IPsec device to the CCR would be 30.29.1.2.

Information for the Infra Tenant

Necessary AWS Information

Your Entry

How To Locate This Information in the AWS Site

Cloud Account ID for infra tenant

Use the AWS account for the infra tenant as described in Deploying the Cisco Cloud Network Controller in AWS.

Cloud Access Key ID and Cloud Secret Access Key for infra tenant

  1. Log into the Amazon Web Services account for the infra tenant.

  2. Go to IAM.

  3. In the left pane, select Users.

  4. Click the link for your admin account.

  5. On the Summary page, click the Security credentials tab.

  6. Click Create access key if you do not already have an Amazon Web Services access key ID.

  7. Locate the information from the Access key ID and Secret access key fields.

Information for the User Tenant

Necessary AWS Information

Your Entry

How To Locate This Information in the AWS Site

Cloud Account ID for Cisco Cloud Network Controller user tenant

Use the AWS account for the user tenant as described in Setting Up the AWS Account for the User Tenant.

Cloud Access Key ID and Cloud Secret Access Key for Cisco Cloud Network Controller user tenant

  1. Log into the Amazon Web Services account for the user account.

  2. Go to IAM.

  3. In the left pane, select Users.

  4. Click the link for your Cisco Cloud Network Controller user tenant account.

  5. On the Summary page, click the Security credentials tab.

  6. Click Create access key if you do not already have an Amazon Web Services access key ID.

  7. Locate the information from the Access key ID and Secret access key fields.