Add SD-WAN Controller and SD-WAN Validator Components

Add SD-WAN Controller and SD-WAN Validator components feature history

Table 1. Feature history

Feature Name

Release Information

Description

Add Controller and Validator components workflow

Cisco Catalyst SD-WAN Control Components Release 20.18.1

The Add Controller and Validator Components workflow adds these Cisco SD-WAN Control Components to the SD-WAN fabric.

Supported solutions for the Add SD-WAN Controller and SD-WAN Validator workflow

The workflow applies to the SD-WAN and SD-Routing solutions.

Supported environments for the Add SD-WAN Controller and SD-WAN Validator components workflow

The workflow is available in Cisco Catalyst SD-WAN environments in which you manage the SD-WAN Control Components.

Prerequisites for the Add SD-WAN Controller and SD-WAN Validator components workflow

Adding these Cisco SD-WAN Control Components requires:

  • Management IP address for the SD-WAN Controller or SD-WAN Validator

  • Credentials for the SD-WAN Manager that manages the network where you are adding the components

  • Certificate file for certificate-based authentication within the Cisco Catalyst SD-WAN environment

  • Ability to sign the certificate signing request (CSR) for the certificate

    For signing the certificate, you can choose Cisco-signed or enterprise-signed options.

Add SD-WAN Controllers or SD-WAN Validators using a workflow

Before you begin

See Prerequisites for the Add SD-WAN Controller and SD-WAN Validator components workflow.

Procedure


Step 1

From the Cisco SD-WAN Manager menu, choose Workflows > Workflow Library.

Step 2

Launch the Add Controller and Validator Components workflow.

Step 3

Choose either Controller or Validator, and proceed according to the instructions in the workflow.

For the authentication certificate assigned to the new SD-WAN Control Component, you can do one of these:

  • Handle certificate signing within the workflow:

    • Renewal type: Manual

      Choose the option to generate a certificate signing request (CSR). This facilitates getting the certificate signed and ready for use during the workflow. This option provides you with a CSR to download, to get the certificate signed. After getting the certificate signed, you upload the certificate within this workflow.

    • Renewal type: Automatic

      This option is available if two conditions are met:

      • Administration > Settings > Certificate setttings > Control Components set to Cisco, and

      • Smart Account credentials (Administration > Settings > Smart Account Credentials) are configured.

  • Handle certificate signing later:

    You can leave the Generate CSR… option unselected, and get the certificate signed later. Until the certificate is signed, the new SD-WAN Control Component cannot establish control connections in the network.

If you choose Controller, the workflow presents an option to attach a preconfigured Cisco SD-WAN Controller template if you have one.


The new component appears on the Configuration > Certificates > Control Components page.

What to do next

If you chose to handle certificate signing outside of the workflow, you can handle that using:

  1. From the Cisco SD-WAN Manager menu, choose Configuration > Certificates > Control Components.

  2. Adjacent to the new SD-WAN Control Component, click ... > Generate CSR.