Scribd
Upload
199 views

Versa Training Lab Guide: Groups 1 - 2

The document provides instructions for participants to access and configure devices in a Versa training lab. The lab contains two groups, each with pre-configured controllers and branches for participants to configure. The summary includes: - Participants are assigned to configure individual branches across two lab groups, and are instructed on how to access their assigned devices through SSH and the Versa CLI. - Basic tasks are outlined to test SSH access, view device information and interfaces using show commands, and change the branch name configuration as an example. - IP addressing, access credentials, and topology details are provided for all devices in each lab group.

Uploaded by

AARNAV pandey
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
199 views

Versa Training Lab Guide: Groups 1 - 2

The document provides instructions for participants to access and configure devices in a Versa training lab. The lab contains two groups, each with pre-configured controllers and branches for participants to configure. The summary includes: - Participants are assigned to configure individual branches across two lab groups, and are instructed on how to access their assigned devices through SSH and the Versa CLI. - Basic tasks are outlined to test SSH access, view device information and interfaces using show commands, and change the branch name configuration as an example. - IP addressing, access credentials, and topology details are provided for all devices in each lab group.

Uploaded by

AARNAV pandey
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 20

Versa Training

Lab Guide
Groups 1 - 2
Getting started
• We have 2 lab groups for all lab exercises
− Group 1
− Group 2
• Each lab group has 1 Director, 2 Controllers, 1 Hub branch, 6 CPE branches and client hosts
for generating traffic.
• The Controllers and Hub branch in each group is pre-configured.
• Participants should assign themselves a branch starting from Group 1
• Participants can either take a single branch or team up with a partner and take a branch to
configure.
• All devices are installed as Virtual machines
• Help each other. Not everyone learns at the same pace or has similar experience and skills.
• If you have any questions feel free to contact the Trainer.
Access Details

Lab 1 Lab 2

Director IP : https://103.231.208.51:1443 Director IP : https://103.231.208.51:2443


Username / Password : labuser / --------- Username / Password : labuser / -----
Jump server IP / Port [ssh] : 103.231.208.51 / 1122 Jump server IP / Port [ssh] : 103.231.208.51 / 2222
Username / Password : labuser/------- Username / Password : labuser/-------
Versa Analytics: Versa Analytics:
Username / password : versa/versa123 Username / password : versa/versa123
FlexVNF: FlexVNF:
Username / password : admin/versa123 Username / password : admin/versa123

3
Lab Group - 1 Director Analytics

Control
DC 1 Network DC 2
Director external Access
https://103.231.208.51:1443
SSH Jump node access Controller01 Controller02
103.231.208.51 1122
192.168.100.2 145.67.89.2 192.168.100.50 145.67.89.50

Hub157

MPLS Internet Layer 3 Router

MPLS WAN: VNI-0/0


Internet WAN: VNI-0/1
LAN: VNI-0/2

To access device mgmt (eth0)


address Branch 151 Branch 152 Branch 153 Branch 154 Branch 155 Branch 156
ssh to 172.16.10.xxx
xxx = branch number
192.168.151.0/24 192.168.152.0/24 192.168.153.0/24 192.168.154.0/24 192.168.155.0/24 192.168.156.0/24
IP Details – Lab Group1
Management- MPLS Transport-
Serial No MPLS NH Internet Transport- VNI-0/1* Internet NH LAN-NETWORK LAN IP
Devices eth0 VNI-0/0*
172.16.10.0/24 192.168.100.x/24 145.67.89.0/24 192.168.x.0/24
Controller 172.16.10.xxx 192.168.100.2/30 192.168.100.1 145.67.89.2/30 145.67.89.1
192.168.151.1
Branch151 SR151 172.16.10.151 192.168.100.6/30 192.168.100.5 192.168.151.0/24
192.168.152.1
Branch152 SR152 172.16.10.152 192.168.100.10/30 192.168.100.9 192.168.152.0/24
192.168.153.1
Branch153 SR153 172.16.10.153 192.168.100.14/30 192.168.100.13 145.67.89.14/30 145.67.89.13 192.168.153.0/24
192.168.154.1
Branch154 SR154 172.16.10.154 192.168.100.18/30 192.168.100.17 145.67.89.18/30 145.67.89.17 192.168.154.0/24
192.168.155.1
Branch155 SR155 172.16.10.155 145.67.89.22/30 145.67.89.21 192.168.155.0/24

Branch156 SR156 172.16.10.156 145.67.89.26/30 145.67.89.25 192.168.156.0/24 192.168.156.1

Note : Not all Transports are to be used. Refer topology


5
Lab Group - 2 Director Analytics

Control
DC 1 Network DC 2
Director external Access
https://103.231.208.51:2443
SSH Jump node access Controller01 Controller02
103.231.208.51 2222
192.168.100.2 145.67.89.2 192.168.100.50 145.67.89.50

Hub157

MPLS Internet Layer 3 Router

MPLS WAN: VNI-0/0


Internet WAN: VNI-0/1
LAN: VNI-0/2

Branch 151 Branch 152 Branch 153 Branch 154 Branch 155 Branch 156
To access device mgmt
(eth0) address
ssh to 172.16.20.xxx 192.168.151.0/24 192.168.152.0/24 192.168.153.0/24 192.168.154.0/24 192.168.155.0/24 192.168.156.0/24
xxx = branch number
IP Details – Lab Group2
MPLS Transport- Internet Transport-
Serial No Management-eth0 MPLS NH Internet NH LAN-NETWORK LAN IP
Devices VNI-0/0 VNI-0/1
172.16.20.0/24 192.168.100.x/24 145.67.89.0/24 192.168.x.0/24
Controller 172.16.20.xxx 192.168.100.2/30 192.168.100.1 145.67.89.2/30 145.67.89.1
192.168.151.1
Branch151 SR151 172.16.20.151 192.168.100.6/30 192.168.100.5 192.168.151.0/24
192.168.152.1
Branch152 SR152 172.16.20.152 192.168.100.10/30 192.168.100.9 192.168.152.0/24
192.168.153.1
Branch153 SR153 172.16.20.153 192.168.100.14/30 192.168.100.13 145.67.89.14/30 145.67.89.13 192.168.153.0/24
192.168.154.1
Branch154 SR154 172.16.20.154 192.168.100.18/30 192.168.100.17 145.67.89.18/30 145.67.89.17 192.168.154.0/24
192.168.155.1
Branch155 SR155 172.16.20.155 145.67.89.22/30 145.67.89.21 192.168.155.0/24

Branch156 SR156 172.16.20.156 145.67.89.26/30 145.67.89.25 192.168.156.0/24 192.168.156.1

Note : Not all Transports are to be used. Refer topology


7
Versa-Training Lab Guide
Lab 1

8
Lab 1
Objective: To familiarize yourself with the lab access procedure and try some
basic commands on the appliance.

• Task 1: Test ssh access to your assigned device


1. Open ssh client on you laptop
2. ssh to jump box [ Refer lab access details for your jump server IP and user credentials]
3. From jump box, access your assigned branch. Type in
ssh [email protected] where xx is the lab number and yyy is the device number. Answer yes for security
question and enter password as versa123
e.g. For Branch151 on lag grpoup1 – ssh [email protected]
4. You will be in Linux shell mode when you connect. Access Versa CLI by entering “cli”
5. You can try some show commands while in cli mode. For example;
show interfaces brief
show configuration
show configuration | display set
7. Use help functions “?” and tab key on your keyboard ahead while using cli.

• Task 2: Use Versa cli to change name of the branch to something different than current
name. Configuration example using Branch152 is shown in the next slide.

9
Lab 1
admin@Branch152-cli> configure
Entering configuration mode private
[ok][2016-10-13 12:59:03]

[edit]
admin@Branch152-cli(config)% set system identification name Branch-new
[ok][2016-10-13 12:59:33]

[edit]
admin@Branch152-cli(config)% commit
Commit complete.

Repeat the previous 2 commands. Set system identification to your


first name and then commit

admin@Branch-new-cli(config)% exit
[ok][2016-10-13 12:59:40]

admin@Branch-new-cli> configure
Entering configuration mode private
[ok][2016-10-13 12:59:49]

admin@Branch-new-cli(config)% rollback 0
[ok][2016-10-13 12:59:57]

admin@Branch-new-cli(config)% commit
Commit complete.
[ok][2016-10-13 12:59:59]

admin@Branch152-cli(config)% exit
[ok][2016-10-13 13:00:28]
admin@Branch152-cli>

10
Lab 1
• Task3: Test browser access to Versa director. Use either Google
Chrome or Mozilla Firefox browser only. Connect via https to your
assigned lab group Director

[ Use access details provided earlier ]

‒ The browser will display a warning message stating that you are
accessing an insecure website. Accept this message and continue
with the login procedure. The reason this warning is shown is
because the Versa Director has been configured to use a self signed
certificate and not a root CA signed certificate.

Logon with provided userid/password

11
Lab 1

12
Lab 1

13
Lab 1
Result: After this lab you should have logged into your group Director and accessed
the branch assigned to you using the cli. You should be comfortable executing show
commands on the Versa cli.

14
Versa-Training Lab Guide
Lab 2 - Workflows

15
Lab 2
Objective: To configure the Device in the Versa Director using Workflow templates.
First configure the post staging template using the below mentioned steps. There should be one
post-staging template created for each branch
Steps
1. Select Workflows and then select Templates under the option Template
2. Configure a name for the template and select the Type as SDWAN Post-Staging.
3. The organization Tenant1 should be selected
4. Refer the next slide for more information that needs to be filled in the Basic and Interface
options
5. If your branch has an internet link then configure Direct Internet breakout (DIA) using the
Split Tunnels option
6. Under Services select the Next-Gen Firewall service (NGFW)
7. Click on Continue till you reach the Management Servers option. Then select the Create
option
8. Once the template is created, verify if the status of the template is in deployed state

16
Lab 2 – Post-Staging Template
Post-Staging Template Values – Basic Tab
Type Org Controllers Solution Service Analytics cluster
Tier Bandwidth
Post- tenant1 Use Controllers from your lab Advanced 100 mbps One assigned to your
staging group. E.g. for group 1 use SDWAN group
Controller102 & Controller103 And UTM

Post-Staging Template Values – Interfaces Tab


Use appropriate interfaces for your branch. Either mpls or internet or some branches have both mpls and
internet

Interface VLAN ID Network Name org

Vni-0/0 None mpls


internet
Vni-0/1 VLAN assigned Lan-xx tenant1
To branch xx = vlan

Post-Staging Template Values


• Select DIA if your branch has an internet link and select internet
• Select security option and use Nextgen Firewall for tenant1
• Select preferred software version field as empty

17
Lab 2
1. After the template is deployed, start the configuration for the branch assigned to
you. Use your groups diagram or excel sheet to assign addresses
a. Click on Workflows and then select Devices under the Device option
b. Configure a unique name (ex Branch151)
c. Configure the serial number. You should use SRbbb with bbb being your branch
number (e.g. SR151 for Branch151)
d. Configure tenant1 as organization
e. Configure device group. Select the + device group option and configure a device
group. A new window to configure the Device group will pop up.
f. Here select the organization “tenant1” and your post staging template. Leave other
options empty.
g. Configure a location for your branch (at least city and country should be filled)
h. Configure an ipv4 addresses with /24 subnet mask for your WAN and LAN
interfaces.
2. When done, hit the deploy button.
3. After deploying your device, verify it goes to a deployed status.
4. Click on the Tasks icon that is located at the upper right corner of the Director and
identify the steps taken by the Director to deploy your branch
5. Also go to Administration and then click on Inventory and hardware. Verify if your
branch is showing up as Shipped.

18
Lab 2
Result: If the inventory is showing the Device as shipped then it means
that the hardware is now ready to be shipped to the site. The next step is
the onboarding process of the branch where the device authenticates itself
and gets its configuration as part of the Zero Touch Provisioning (ZTP).
This will be covered in the next lab.

19
Thank You

You might also like