|
Alarms
|
Set alarm filters and view the alarms generated on the devices on the page.
Cisco vManage Release 20.6.x and earlier: Set alarm filters and view the alarms generated on the devices on the page.
|
No additional permissions.
|
|
Audit Log
|
Set audit log filters and view a log of all the activities on the devices on the page and the page.
Cisco vManage Release 20.6.x and earlier: Set audit log filters and view a log of all the activities on the devices on the page and the page.
|
No additional permissions.
|
|
Certificates
|
View a list of the devices in the overlay network under .
View a certificate signing request (CSR) and certificate on the window.
|
Note
|
Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.
|
|
Validate and invalidate a device, stage a device, and send the serial number of valid controller devices to the Cisco Catalyst SD-WAN Validator on the window.
Generate a CSR, install a signed certificate, reset the RSA key pair, and invalidate a controller device on the window.
|
Note
|
Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.
|
|
|
CLI Add-On Template
(Minimum supported release: Cisco vManage Release 20.7.1)
|
View the CLI add-on feature template on the window.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, delete, and copy a CLI add-on feature template on the window.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
Cloud OnRamp
|
View the cloud applications on the and window.
|
No additional permissions.
|
|
Cluster
|
View information about the services running on SD-WAN Manager, a list of devices connected to a SD-WAN Manager server, and the services that are available and running on all the SD-WAN Manager servers in the cluster on the window.
|
Change the IP address of the current SD-WAN Manager, add a SD-WAN Manager server to the cluster, configure the statistics database, edit, and remove a SD-WAN Manager server from the cluster on the window.
|
|
Colocation
|
View the cloud applications on the window.
|
No additional permissions.
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
This permission does not provide any functionality.
|
Deploy a configuration onto Cisco IOS XE Catalyst SD-WAN devices.
|
Note
|
To edit an existing feature configuration requires write permission for Template Configuration.
For more details on deploying devices, see Deploy Devices.
|
|
|
Device CLI Template
(Minimum supported release: Cisco vManage Release 20.7.1)
|
View the device CLI template on the window.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, delete, and copy a device CLI template on the window.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
Device Inventory
|
View the running and local configuration of devices, a log of template activities, and the status of attaching configuration
templates to devices on the window.
View the running and local configuration of the devices and the status of attaching configuration templates to controller
devices on the window.
|
Note
|
Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.
|
|
Upload a device's authorized serial number file to SD-WAN Manager, toggle a device from SD-WAN Manager configuration mode to CLI mode, copy a device configuration, and delete the device from the network on the window.
Add and delete controller devices from the overlay network, and edit the IP address and login credentials of a controller
device on the window.
|
Note
|
Starting from Cisco IOS XE Catalyst SD-WAN Release 17.13.1a, the Controllers tab is renamed as the Control Components tab to stay consistent with Cisco Catalyst SD-WAN rebranding.
|
|
|
Device Monitoring
|
View the geographic location of the devices on the window.
View events that have occurred on the devices on the page.
Cisco vManage Release 20.6.x and earlier: View events that have occurred on the devices on the page.
View a list of devices in the network, along with device status summary, SD-WAN Application Intelligence Engine (SAIE) and
Cflowd flow information, transport location (TLOC) loss, latency, and jitter information, control and tunnel connections,
system status, and events on the page (only when a device is selected).
|
Note
|
In Cisco vManage Release 20.7.x and earlier releases, the SAIE flow is called the deep packet inspection (DPI) flow.
|
Cisco vManage Release 20.6.x and earlier: Device information is available in the page.
|
Ping a device, run a traceroute, and analyze the traffic path for an IP packet on the page (only when a device is selected).
|
Note
|
These operations require read and write permissions for Device Monitoring.
|
|
|
Device Reboot
|
View the list of devices on which the reboot operation can be performed on the window.
|
Reboot one or more devices on the window.
|
|
Disaster Recovery
|
View information about active and standby clusters running on SD-WAN Manager on the window.
|
No additional permissions.
|
|
Events
|
View the geographic location of the devices on the page.
View the geographic location of the devices on the page.
|
Ping a device, run a traceroute, and analyze the traffic path for an IP packet on the page (only when a device is selected).
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the ThousandEyes settings on the page, in the Other Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the ThousandEyes settings on the page, in the Other Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the DHCP settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the DHCP settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the LAN/VPN settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the LAN/VPN settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Ethernet Interface settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Ethernet Interface settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the SVI Interface settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the SVI Interface settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Routing/BGP settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Routing/BGP settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Routing/OSPF settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Routing/OSPF settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Switchport settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Switchport settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Wireless LAN settings on the page, in the Service Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Wireless LAN settings on the page, in the Service Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the AAA settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the AAA settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Banner settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Banner settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Basic settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Basic settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the BFD settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the BFD settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Global settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Global settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Logging settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Logging settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the NTP settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the NTP settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the OMP settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the OMP settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the SNMP settings on the page, in the System Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the SNMP settings on the page, in the System Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Cellular Controller settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Cellular Controller settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Cellular Profile settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Cellular Profile settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Management VPN settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Management VPN settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Management Ethernet Interface settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Management VPN and Management Internet Interface settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the BGP Routing settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the BGP Routing settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Tracker settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Tracker settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Wan/Vpn settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Wan/Vpn settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Wan/Vpn/Interface/Cellular settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Wan/Vpn/Interface/Cellular settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.9.1)
|
View the Wan/Vpn/Interface/Ethernet settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Wan/Vpn/Interface/Ethernet settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
Integration Management
|
View information about controllers running on SD-WAN Manager, on the window.
|
No additional permissions.
|
|
License Management
|
View license information of devices running on SD-WAN Manager, on the window.
|
On the page, configure use of a Cisco Smart Account, choose licenses to manage, and synchronize license information between SD-WAN Manager and the license server.
|
|
Interface
|
View information about the interfaces on a device on the page.
Cisco vManage Release 20.6.x and earlier: View information about the interfaces on a device on the page
|
Edit Chart Options to select the type of data to display, and edit the time period for which to display data on the page.
|
|
Application Monitoring
(Minimum supported release: Cisco Catalyst SD-WAN Manager Release 20.12.1)
|
View the application health of the devices on the window.
|
View the application health of the devices on the window.
|
|
Manage Users
|
View users and user groups on the window.
|
Add, edit, and delete users and user groups from SD-WAN Manager, and edit user group privileges on the window.
|
|
Other Feature Templates
(Minimum supported release: Cisco vManage Release 20.7.1)
|
View all feature templates except the SIG feature template, SIG credential template, and CLI add-on feature template on the
window.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Note
|
To check the mutual authentication option, you need read permission for certificates. (Minimum supported release: Cisco Catalyst SD-WAN Manager Release 20.12.1)
|
|
Create, edit, delete, and copy all feature templates except the SIG feature template, SIG credential template, and CLI add-on
feature template on the window.
|
Note
|
These operations require write permission for Template Configuration.
|
|
Note
|
To check the mutual authentication option, you need write permission for certificates. (Minimum supported release: Cisco Catalyst SD-WAN Manager Release 20.12.1)
|
|
|
Policy
|
View the common policies for all Cisco Catalyst SD-WAN Controllers or devices in the network on the window.
|
Create, edit, and delete the common policies for all Cisco Catalyst SD-WAN Controllers or devices in the network on the window.
|
|
Policy Configuration
|
View the list of policies created and details about them on the window.
|
Create, edit, and delete the common policies for all the Cisco Catalyst SD-WAN Controllers and devices in the network on the
window.
|
|
Policy Deploy
|
View the current status of the Cisco Catalyst SD-WAN Controllers to which a policy is being applied on the window.
|
Activate and deactivate the common policies for all SD-WAN Manager servers in the network on the window.
|
|
RBAC VPN
|
View the VPN groups and segments based on roles on the page.
Cisco vManage Release 20.6.x and earlier: View the VPN groups and segments based on roles on the page.
|
Add, edit, and delete VPNs and VPN groups from SD-WAN Manager, and edit VPN group privileges on the window.
|
|
Routing
|
View real-time routing information for a device on the page.
Cisco vManage Release 20.6.x and earlier: View real-time routing information for a device on the page.
|
Add command filters to speed up the display of information on the page.
|
|
Security
|
View the current status of the Cisco Catalyst SD-WAN Controllers to which a security policy is being applied on the window.
|
Activate and deactivate the security policies for all SD-WAN Manager servers in the network on the window.
|
|
Security Policy Configuration
|
Activate and deactivate the common policies for all SD-WAN Manager servers in the network on the window.
|
Activate and deactivate the security policies for all SD-WAN Manager servers in the network on the window.
|
|
Session Management
|
View user sessions on the window.
|
Add, edit, and delete users and user groups from SD-WAN Manager, and edit user sessions on the window.
|
|
Settings
|
View the organization name, Cisco Catalyst SD-WAN Validator DNS or IP address, certificate authorization settings, software version enforced on a device, custom banner on the SD-WAN Manager login page, and the current settings for collecting statistics on the window.
|
Edit the organization name, Cisco Catalyst SD-WAN Validator DNS or IP address, certificate authorization settings, software version enforced on a device, custom banner on the SD-WAN Manager login page, current settings for collecting statistics, generate a certificate signing request (CSR) for a web server certificate,
and install a certificate on the window.
|
|
SIG Template
(Minimum supported release: Cisco vManage Release 20.7.1)
|
View the SIG feature template and SIG credential template on the window.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, delete, and copy a SIG feature template and SIG credential template on the window.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
SIG Tunnels
(Minimum supported release: Cisco IOS XE Catalyst SD-WAN Release 17.12.x
|
View information about the SIG tunnels on the page.
|
View information about the SIG tunnels on the page.
|
|
Software Upgrade
|
View a list of devices, the custom banner on SD-WAN Manager on which a software upgrade can be performed, and the current software version running on a device on the window.
|
Upload new software images on devices, upgrade, activate, and delete a software image on a device, and set a software image
to be the default image on devices on the window.
|
|
System
|
View system-wide parameters configured using SD-WAN Manager templates on the window.
|
Note
|
In Cisco vManage Release 20.7.x and earlier releases, Device Templates is called Device.
|
|
Configure system-wide parameters using SD-WAN Manager templates on the window.
|
Note
|
In Cisco vManage Release 20.7.x and earlier releases, Device Templates is called Device.
|
|
|
Template Configuration
|
View feature and device templates on the window.
|
Create, edit, delete, and copy a feature or device template on the window.
|
Note
|
From Cisco vManage Release 20.7.1, to create, edit, or delete a template that is already attached to a device, the user requires write permission for the Template
Deploy option.
|
|
|
Template Deploy
|
View the devices attached to a device template on the window.
|
Attach a device to a device template on the window.
|
|
Tools
|
Use the admin tech command to collect the system status information for a device on the window.
|
Use the admin tech command to collect the system status information for a device, and use the interface reset command to shut down and then restart an interface on a device in a single operation on the window.
Rediscover the network to locate new devices and synchronize them with SD-WAN Manager on the window.
Establish an SSH session to the devices and issue CLI commands on the window.
|
|
vAnalytics
|
Launch Cisco SD-WAN Analytics from window.
|
No additional permissions.
|
|
Workflows
|
Launch workflow library from window.
|
No additional permissions.
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the devices associated to a configuration group on the window.
|
Deploy a configuration onto Cisco IOS XE Catalyst SD-WAN devices.
|
Note
|
To edit an existing feature configuration requires write permission for Template Configuration.
For more details on deploying devices, see Deploy Devices.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the IPv4 Tracker and Tracker Group settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the IPv4 Tracker and Tracker Group settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the IPv6 Tracker and Tracker Group settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the IPv6 Tracker and Tracker Group settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the GPS settings on the page, in the Transport & Management Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Gps settings on the page, in the Transport & Management Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the APPQoE settings on the page, in the Other section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the APPQoE settings on the page, in the Other section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the UCSE settings on the page, in the Other section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the UCSE settings on the page, in the Other section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the Cisco VPN Interface IPSec settings on the page, in the Wan Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Cisco VPN Interface IPSec settings on the page, in the Wan Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the Cisco VPN Interface GRE settings on the page, in the Wan/Lan Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Cisco VPN Interface GRE settings on the page, in the Wan/Lan Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|
|
(Minimum supported release: Cisco vManage Release 20.11.1)
|
View the Cisco Multicast settings on the page, in the Lan Profile section.
|
Note
|
This operation requires read permission for Template Configuration.
|
|
Create, edit, and delete the Cisco Multicast settings on the page, in the Lan Profile section.
|
Note
|
These operations require write permission for Template Configuration.
|
|