Cisco Catalyst SD-WAN Getting Started Guide

Add SD-WAN Controller and SD-WAN Validator components feature history

Table 1. Feature history
Feature Name	Release Information	Description
Add Controller and Validator components workflow	Cisco Catalyst SD-WAN Control Components Release 20.18.1	The Add Controller and Validator Components workflow adds these Cisco SD-WAN Control Components to the SD-WAN fabric.

Add SD-WAN Controller and SD-WAN Validator components

The Control Components Certificate Management Workflow in Cisco SD-WAN Manager is a step-by-step interactive procedure (called a workflow) that adds either of these components to an SD-WAN fabric:

SD-WAN Controller
SD-WAN Validator

For details about certificate requirements for Cisco SD-WAN Control Components, see Cisco Catalyst SD-WAN Control Components Certificates and Authorized Serial Number File Prescriptive Deployment Guide.

Supported solutions for the Add SD-WAN Controller and SD-WAN Validator workflow

The workflow applies to the SD-WAN and SD-Routing solutions.

Supported environments for the Add SD-WAN Controller and SD-WAN Validator components workflow

The workflow is available in Cisco Catalyst SD-WAN environments in which you manage the SD-WAN Control Components.

Prerequisites for the Add SD-WAN Controller and SD-WAN Validator components workflow

Adding these Cisco SD-WAN Control Components requires:

Management IP address for the SD-WAN Controller or SD-WAN Validator
Credentials for the SD-WAN Manager that manages the network where you are adding the components
Certificate file for certificate-based authentication within the Cisco Catalyst SD-WAN environment
Ability to sign the certificate signing request (CSR) for the certificate

For signing the certificate, you can choose Cisco-signed or enterprise-signed options.

Add SD-WAN Controllers or SD-WAN Validators using a workflow

Before you begin

See Prerequisites for the Add SD-WAN Controller and SD-WAN Validator components workflow.

Procedure

Step 1

From the Cisco SD-WAN Manager menu, choose Workflows > Workflow Library.

Step 2

Launch the Add Controller and Validator Components workflow.

Step 3

Choose either Controller or Validator, and proceed according to the instructions in the workflow.

For the authentication certificate assigned to the new SD-WAN Control Component, you can do one of these:

Handle certificate signing within the workflow:
- Renewal type: Manual
  
  Choose the option to generate a certificate signing request (CSR). This facilitates getting the certificate signed and ready for use during the workflow. This option provides you with a CSR to download, to get the certificate signed. After getting the certificate signed, you upload the certificate within this workflow.
- Renewal type: Automatic
  
  This option is available if two conditions are met:
  - Administration > Settings > Certificate setttings > Control Components set to Cisco, and
  - Smart Account credentials (Administration > Settings > Smart Account Credentials) are configured.
Handle certificate signing later:

You can leave the Generate CSR… option unselected, and get the certificate signed later. Until the certificate is signed, the new SD-WAN Control Component cannot establish control connections in the network.

If you choose Controller, the workflow presents an option to attach a preconfigured Cisco SD-WAN Controller template if you have one.

The new component appears on the Configuration > Certificates > Control Components page.

What to do next

If you chose to handle certificate signing outside of the workflow, you can handle that using:

From the Cisco SD-WAN Manager menu, choose Configuration > Certificates > Control Components.
Adjacent to the new SD-WAN Control Component, click ... > Generate CSR.

Bias-Free Language

Book Title

Cisco Catalyst SD-WAN Getting Started Guide

Chapter Title

Add SD-WAN Controller and SD-WAN Validator Components

Results

Chapter: Add SD-WAN Controller and SD-WAN Validator Components