SDWAN - Silverpeak

Silver Peak
Deploying SDWAN
Technologies
Self-Guided Lab Instructions

Version 2.1
Deploying SDWAN Technologies Self-Guided Lab Guide
Date: Aug 2016
Copyright © 2016 Silver Peak Systems, Inc. All rights reserved. Information in this document is subject to change at any time. Use of this
documentation is restricted as specified in the End User License Agreement. No part of this documentation can be reproduced, except as
noted in the End User License Agreement, in whole or in part, without the written consent of Silver Peak Systems, Inc.
Trademark Notification
The following are trademarks of Silver Peak Systems, Inc.: Silver Peak SystemsTM, the Silver Peak logo, Network Memory™, Silver Peak
NX-Series™, Silver Peak VX-Series™, Silver Peak VRX-Series™, Silver Peak Unity EdgeConnect™, and Silver Peak Orchestrator™. All
trademark rights reserved. All other brand or product names are trademarks or registered trademarks of their respective companies or
organizations.
Warranties and Disclaimers
THIS DOCUMENTATION IS PROVIDED “AS IS” WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE,
OR NON-INFRINGEMENT. SILVER PEAK SYSTEMS, INC. ASSUMES NO RESPONSIBILITY FOR ERRORS OR OMISSIONS IN THIS
DOCUMENTATION OR OTHER DOCUMENTS WHICH ARE REFERENCED BY OR LINKED TO THIS DOCUMENTATION.
REFERENCES TO CORPORATIONS, THEIR SERVICES AND PRODUCTS, ARE PROVIDED “AS IS” WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED. IN NO EVENT SHALL SILVER PEAK SYSTEMS, INC. BE LIABLE FOR ANY SPECIAL,
INCIDENTAL, INDIRECT OR CONSEQUENTIAL DAMAGES OF ANY KIND, OR ANY DAMAGES WHATSOEVER, INCLUDING,
WITHOUT LIMITATION, THOSE RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER OR NOT ADVISED OF THE
POSSIBILITY OF DAMAGE, AND ON ANY THEORY OF LIABILITY, ARISING OUT OF OR IN CONNECTION WITH THE USE OF THIS
DOCUMENTATION. THIS DOCUMENTATION MAY INCLUDE TECHNICAL OR OTHER INACCURACIES OR TYPOGRAPHICAL
ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN; THESE CHANGES WILL BE INCORPORATED IN
NEW EDITIONS OF THE DOCUMENTATION. SILVER PEAK SYSTEMS, INC. MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE
PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED IN THIS DOCUMENTATION AT ANY TIME.
Silver Peak Systems, Inc.

2860 De La Cruz Boulevard, Suite 100
Santa Clara, CA 95050
1.877.210.7325 (toll-free in USA)

+1.408.935.1850
http://www.silver-peak.com/support
Page 2 of 139 Do Not Replicate DST Self-Guided Lab Guide 8.0 v2.1
Table of Contents
Initial Instructions ............................................................................................................. 5
Materials 5
Lab Environment 5
Task 1: Print your lab guide 5
Getting Support ............................................................................................................... 6
Lab Topology Familiarization ........................................................................................... 7

Task 1: Familiarization with the lab topology 7
LAB 1: Orchestrator Installation ...................................................................................... 9

Task 1: Connect to the ReadyTech lab environment 9
Task 2: Check to make sure all VMs are deployed. 17
Task 3: Install Orchestrator 19
Task 4: Configure Orchestrator 24
Lab 2: Configure Interface Labels and Groups .............................................................. 32

Task 1: Create Groups 32
Task 2: Create a new label for a LAN interface. 33
Lab 3: Configure Deployment Profiles ........................................................................... 34

Task 1: Configure a Deployment Profile for a Hub Site 34
Task 2: Configure Deployment Profile for a Campus Site with 2 Data Centers 36
Task 3: Configure a Deployment Profile for a Branch Office 37
Lab 4: Configure Template Groups ............................................................................... 38

Task 1: Create a template group 38
Lab 5: Configure Business Intent Overlays ................................................................... 41

Task 1: Create a Business Intent Overlay for Voice 41
Task 2: Create an Overlay for Data Traffic 43
Lab 6: Appliance Configuration...................................................................................... 45

Task 1: Finish configuration of ECV-1 45
Task 2: Finish Configuration of ECV-2 52
Task 3: Complete Registration of ECV-1 & ECV-2 in Orchestrator 57
Task 4: Verify the tunnel on the Topology tab 64
DST Self-Guided Lab Guide 8.0 v2.1 Do Not Replicate Page 3 of 139
Access Labs 7-10 .......................................................................................................... 68
Lab 7: Create a Hub and Spoke Business Intent Overlay with ACL Traffic Access ....... 72
Task 1: Connect to the ReadyTech lab environment 72
Task 2: Check to make sure all VMs are deployed. 75
Task 3: Obtain License information and re-license the Orchestrator and existing Devices 77
Task 4: Add an Access List to the “Main” template group. 84
Task 5: Create a Business Intent Overlay for Hub and Spoke 87
Lab 8 – Hub & Spoke installation for ECV-3 and ECV-4 ............................................... 90
Task 1: Complete the Configuration of ECV-3 90
Task 2: Complete Registration of ECV-3 in Orchestrator 96
Task 3: Install ECV-4 from Scratch 100
Task 4: Complete Registration of ECV-4 in Orchestrator 113
Task 5: Observe Overlay Construction 117
Lab 9: Basic Flow Monitoring....................................................................................... 121

Task 1: Transfer Data Between Sites 1 and 2 121
Lab 10: Business Intent Overlays, Route Policies and Order of Implementation ......... 128
Task 1: Create traffic flows to site 3. Observe how different traffic uses different overlays. 128
Virtual Lab Topology.................................................................................................... 138
Login Information ......................................................................................................... 139
Initial Instructions
Overview
This section explains the process to access the lab environment. Please read this section
and perform tasks outlined in “Your Actions” below.
Materials
You will use this guide for all 10 labs in the course. It is inconvenient to use the PDF to
complete the labs, therefore it is best that you print this guide.
Lab Environment
Labs for this course are implemented in the ReadyTech hosted training environment. The
network architecture is discussed in a lesson. There are three separate lab environments.
Each represents the same class network at different stages of completion.
• Labs 1-6: Deploy Orchestrator, configure and license two EdgeConnect devices.
• Labs 7-10: Install hub-and-spoke network, perform data transfers, monitor network.
You will request each when you are ready to complete the labs. Once you connect to the lab
environment, you will have 20 hours to complete that set of labs.
Task 1: Print your lab guide

1. Print this lab guide. (See “Materials” above for details.)
Getting Support
• Contact ReadyTech for:
o Problems redeeming a voucher (instructions part of Lab 1)
o Lab seems to be down or never comes up
o Pre Installed virtual machines that aren’t operating
o Click on the Support link
• Email: getsupport@readytech.com
• Live Chat
• Contact by telephone
• 24x7 support
• Contact Silver Peak for:
o Problems or questions
regarding the course, lab instructions or processes
o Problems with instructional videos
o Email: training@silver-peak.com
• Support during business hours in California
• Response within one business day
Lab Topology Familiarization
Overview
Review the topology and become familiar with the network you are going to be using for the
labs in this course.
Objectives
Examine the lab topology diagram. Read the description on the next page. Note the
addressing scheme you’ll be using. Print the larger topology diagram at the end of this
manual for constant reference during the labs in this course.
Task 1: Familiarization with the lab topology

Familiarize yourself with the lab environment.
Topology:
Note: A larger diagram along with device userids and passwords is on the last two pages of
this lab manual. Tear it out (or print it) for reference throughout this course.
Topology Details:
• All masks are 24 bit.

• There is an out of band management network (dotted line) using the 192.168.1.0
subnet.
• There are 3 sites. Each site has two connections to the WAN; one over an MPLS
network and one over broadband Internet (each network is actually a WAN emulator).
Site 3 is a campus with 2 data centers, each with its own ECV appliance.
• Most devices have a connection in the management network, and in at least one other
subnet. When you connect to devices from the Student PC, you will use the
management network. When you connect devices over the data path, you’ll be using
one or more of the 10.110.x.x networks.
Addressing requirements table:

(covers several labs) all masks are 24 bit
Requirement ECV-1 ECV-2 ECV-3 ECV-4 Unity

Orchestrator
mgmt0 IP DHCP (see DHCP (see DHCP (see DHCP (see DHCP (see
address console) then console) then console) then console) then console) then
192.168.1.4 192.168.1.5 192.168.1.6 192.168.1.7 192.168.1.254
wan0 IP 10.110.11.100 10.110.21.100 10.110.31.100 10.110.31.101 x
address
wan1 IP 10.110.12.100 10.110.22.100 10.110.32.100 10.110.32.101 x
address
lan0 IP 10.110.10.100 10.110.20.100 10.110.30.100 10.110.30.101 x
Address
• Addressing Notes:
o The default gateway address for the management network is 192.168.1.253.
o The DNS server address is 10.0.1.25, reachable via the default gateway.
o The NTP server address is 192.168.1.251 (resides in K1-MPLS VM).
DHCP on the management network will assign addresses to the devices, and
inform them of the default gateway and DNS server address. This will allow
them to resolve the default name of the Silver Peak Cloud Portal
(cloudportal.silver-peak.com) so they can register themselves with the portal.
A physical appliance would be able to use its unique burned in serial number to register
since the Cloud Portal is aware which serial numbers are associated with which accounts.
Virtual appliances (such as we use in this course) must be given an account name and
account key in order to register and be associated with the correct account. The Cloud
Portal will generate a serial number and assign it to each registering virtual appliance and
associate the new serial number with the account.
LAB 1: Orchestrator Installation
Overview
In this lab you will install an Orchestrator/GMS, then configure and register it with the cloud
portal.
Objective
Observe the GX-V self-registration with the cloud portal, and learn how to verify whether it
has registered or not.
Task 1: Connect to the ReadyTech lab environment

1. Go to http://silverpeak.find.training/
2. Select “Deploying SDWAN Technologies (DST) Labs 1-6” by clicking on it.
Please make sure you select the correct lab as there are many to choose from and
each image is different
Note: The number one cause of student support requests for problems with the
self-paced labs is students picking the first lab in the list instead of reading the
directions, and choosing the correct lab. If you choose the wrong one, you will
get the wrong image, and will not be able to follow the lab instructions.
3. Click on Add to Cart
4. Click Check out
5. Fill in your contact information using the same name and email that you used to
register for the course. Then click Next
Note: A correct email is required for you to receive your voucher
6. Checkout
a. Make sure the correct labs are shown in the Payment window
b. Check the acknowledgement icon. (Silver Peak will be billed. Your cost is $0.00
as shown).
c. Click Place order
7. A Purchase confirmation will be displayed
8. Close the window

9. Check your email. Find the email containing your voucher information (see screenshot
below) and open it.
10. When you are ready to start the lab, click Redeem Now (you may need to scroll down
in your email)
11. You will be taken to the training lab environment. Click Redeem
12. Fill in your personal information and click Redeem.
13. Click OK
14. Click on Lab
15. When you are ready to begin, click Start Lab Now
You will have one day of access time beginning when you click ‘Start the lab’. If you do
not start the lab within a few hours, you will not have time to complete it. All Silver
Peak labs are designed to be completed within 2-4 hours.
16. Click Start Now
Note: Although the message says it may take up to xxx minutes to start (118 in the
screen shot above), your wait should only be 5-10 minutes as machines are deployed
from a hot standby pool.
The only time that you should have to wait the full length of time is when demand is
high and all the machines in the pool have been deployed. In this case a fresh
machine will need to be deployed for you.
17. A message will display. Click Close.
18. When your environment is fully deployed, The Status display should change to Up
19. To Access the lab, click where it says ‘Click here to connect‘
20. Login
a. You should be connected to the remote desktop, which will show a larger
version of the thumbnail image and fill the browser window. Click on the login
panel and login as Administrator using the password Silverpeak1.
b. It is possible to go full screen with your browser window by selecting it from the
dropdown menu. Detaching the window can also gain useful space.
21. Other Lab Notes:

a. DO NOT update, upgrade or register anything in the lab environment unless
explicitly told to do so in the lab instructions.
b. Use the Esc key to exit Full Screen mode.
c. If you need to enter commands in a VMware console window, and you find that
incorrect characters are displaying, you might need to use the onscreen
keyboard.
i. Use the menu shown above and choose Enable Viewer Toolbar.
ii. From the viewer toolbar, enable the onscreen keyboard.
iii. Drag the keyboard over the console window. It may be necessary to
position the keyboard so the letter you want to type is directly over the
active area of the console window.
Task 2: Check to make sure all VMs are deployed.

Note: It’s always possible that you have logged in at a time of high demand, and because
a fresh environment is in the process of being deployed, your lab might not be completely
ready. When this happens, if you log in before the lab is fully deployed, some VMs may be
partially deployed, or missing altogether until the deployment scripts complete, which can
take up to 2 hours. This step is to make sure that your lab is fully deployed. In this case a
fresh machine will need to be deployed for you.
1. On the Student PC desktop, open the VMware vSphere Client by double-clicking on the
desktop icon.
2. Login as root/training.
3. Check the checkbox to Install this certificate… and click Ignore. Ignore any other
warnings.
4. If you see this message, click Yes, otherwise skip to the next step.
5. Click the ‘+’ symbol to expand the list of VMs installed in the esxihost.
6. Match the list of deployed VMs to the list below:
If the list is incomplete, or a VM is still loading (grayed out and no green arrow next to the
VM name), your lab is probably still deploying. Take a break, get some coffee/tea, or
something to eat, then recheck the list in a little while. Remember that a full deployment
can take up to 2 ½ hours.
If the lab has not fully deployed after 2 ½ hours, contact support. Click on ‘Support’ in the
navigation bar at the top of your lab environment, or see the section called ‘Getting
Support’ at the beginning of this document for contact information.
Task 3: Install Orchestrator

1. After ensuring all the VMs have deployed, select FileDeploy OVF Template.
2. Click Browse.
3. Navigate to DesktopLabTGSilverPeakGMS and select the Orchestrator-

8.x.x.ova . Choose the newest image.
Note: Your version may be slightly different than the one shown.
4. Click Open.
5. Click Next.
6. Click Next.
7. Accept the default name of “Orchestrator”, then click Next.
8. Choose the default of Thick Provision Lazy Zeroed, then click Next.
Note: Always Thick Provision to avoid performance problems later on. Never thin
provision.
9. Choose the correct port group to attach the Orchestrator management interface. Your lab
environment already has a port group set up for this device. Under Destination
Networks, select GMS-mgmt0 as shown, then click Next.
10. Check the checkbox to Power on after deployment and click Finish.
11. After the deployment completes, close the dialog box.
Task 4: Configure Orchestrator
1. Select Orchestrator in the list of VMs and make sure the Orchestrator virtual machine is
running. If you forgot to check the ‘’Power on at deployment’ box during the install, you will
need to start it manually by selecting it and clicking the run icon .
2. Select the Console tab. When the Orchestrator has finished booting, the IP address
assigned by DHCP will be displayed. List the IP address below
Note: The IP address might be different than the one shown.
List the appliance IP Address here: _________________________________
Note: If at any time your mouse seems to be unresponsive, and clicking produces
no effect, your cursor may be stuck in a console window.
Use <ctrl>+<alt> to get cursor control back.
3. From the Student PC desktop, open a Chrome browser window and go to the address
you noted in the previous step to log in to the web UI of the Orchestrator. Ignore any
security warnings and proceed to the site.
4. Login to the Orchestrator as admin/admin.
5. The Initial Config Wizard should start. If not, select Orchestrator
AdministrationGetting Started Wizard.
6. Complete the configuration on the first page.
a. Hostname: Orchestrator
b. Management Interface: Static
c. IP Address: 192.168.1.254
d. Mask: 24 bits
e. Next-hop IP Address: 192.168.1.253
f. Domain Name: training.local
g. DNS Primary Server: 10.0.1.25
h. Click Next.
7. On the Student PC desktop, open the LabTG folder.
8. Double click on V8_licenses.txt file to open it in Notepad. We will now obtain some
additional licensing information to add to what is shown in the file.
Note: You’ll use this file later in the lab.
9. Save the valid Account Name and Account Key.

Note: For training, we have a script that generates these licenses. You would NOT do the
steps in a standard installation. In a standard installation, both Account Name and
Account Key would be provided to you when you purchase equipment from Silver Peak.
a. On the Student PC desktop, run (double-click on) the getLicense icon on the
desktop. A script will run when the window opens.
b. Right-click the window and select Mark.
c. Highlight the temporary account information, then press Enter.
d. Go back to the V8_licenses.txt file you opened and right click to paste the
information into the text as shown. You will need this to license the Orchestrator
and the Appliances.
Note: The license information you receive will be different from what is shown
here. It is different for every student for every class. The licensing information
is temporary as its name suggests, and it will expire shortly after your course ends.
e. Select FileSave so you will have the information for reuse later. Close the
Command window.
10. Highlight the information to select it, then <ctrl>c to copy it.
11. Paste the Account Name, Account Key and NX/VX Appliance license using <ctrl>v. Do
not enter the license keys shown below, enter the information you received when the
script ran and you copied it. Then click Next.
12. Configure the time zone and NTP Server.
a. Time Zone: US/Pacific

b. Choose NTP Time Synchronization.
c. Server 1: 192.168.1.251
d. Click Next.
13. Set up Email.
a. Uncheck Enable SSL

b. SMTP Server: 192.168.1.200
c. SMTP User: student@training.local
d. Email Sender: student@training.local
e. SMTP Password: training
f. Send a Test Email To: student@training.local
g. Email Reports To: student@training.local
h. Email Alarms To: student@training.local
i. Click the Test button. After a brief clock display, you should see a message appear
that says ‘Test email sent’ as shown. If you get an error message, recheck your
configuration.
j. Click Next.
14. In our lab, the appliances will be added to the Orchestrator automatically, so there’s no
need to do any configuration on the Add Appliances screen. Click Next.
15. Configure Orchestrator Backup.
a. Protocol: FTP
b. Hostname: 192.168.1.200
c. Username: anonymous
d. Password: 1234
e. Directory: /GMS
f. Port: 21
g. Click Test. You should get a message in a green ribbon at the bottom of the screen
telling you the test was successful. If it is not, recheck your configuration.
h. Click the Add button to add a scheduled time to backup.
i. Set the Schedule to Weekly on Saturday at midnight (00:00) as shown and click
OK. The schedule will appear in the Schedule box.
j. Click Apply.
16. A success message will appear along with this Summary screen. Click Close.
17. A message will appear:

a. The Orchestrator application will restart
b. When the Orchestrator has restarted, log back in using admin/admin.
Note: We changed the address of the Orchestrator from the one assigned by
DHCP, so it will be necessary to point the browser to the new address,
192.168.1.254
18. Check the portal registration status.

a. Close the Getting Started Wizard if it starts.
b. Select Orchestrator AdministrationSilver Peak Cloud Portal.
c. Notice that the dialog box shows the Orchestrator registration status is “Yes”.
Registered = “Yes” means:

a. The Orchestrator was able to reach the Cloud Portal on the internet.
b. It was also able to register, which means the account name and account key
matched an entry in the data base for your student account and the
Orchestrator can now manage appliances associated with that account.
Appliances in your network will use the same account name and account
key.
d. Click Close.
Continue to the next lab.
Lab 2: Configure Interface Labels and
Groups
Overview
Interfaces can be labeled with an arbitrary identifier like Voice or Data. The interface labels
can be used to route traffic into a particular overlay by matching packets entering the
appliance through a labeled interface to a designated overlay. In a later lab, we’ll create
Business Intent Overlays which will use the labels to identify how traffic entering an appliance
should be handled in the network.
Objective
Create interface labels to be used when creating a deployment profile and applying it to a
site.
Task 1: Create Groups

1. In Orchestrator, rename Group 1 to US.
a. Right-click Group 1 in the tree view on the left and change the name to “US”.
b. Click OK.
Note: Pressing Enter will default to cancel.
2. Create two new groups under US.
a. Right-click US.
b. Select Add Group.
c. Name it “US-1”.
d. Click OK.
e. Repeat the steps to add another new group under “US”. Name this one “US-2”.
3. Click the arrow next to US to display the two new groups. We’ll organize our
appliances under the new groups we just created when we install them.
If you put a group in the wrong place, you can right click on it, delete it and add a
replacement in the correct place.
Task 2: Create a new label for a LAN interface.

1. In Orchestrator, select ConfigurationInterface Labels.
2. Add a lan label called “Campus”.
a. Type: lan
b. Label: Campus
c. Click Add.
d. Click Save.
Note: “Close” closes the window without saving. You will lose your work.
Lab 3: Configure Deployment Profiles
Overview
In this lab you will create Deployment Profiles which determine the interface configuration
and labeling and more on the appliances.
Objective
Learn the skills necessary to create and save a deployment profile. We’ll make 3 types of
profile to apply to different types of sites in a later lab.
Task 1: Configure a Deployment Profile for a Hub Site

1. In Orchestrator, select ConfigurationDeployment Profiles.
2. Click +Add to create a new profile.
3. Call your Profile “Hub Site”, then click Save.
4. Configure a Deployment Profile for a Hub Site.
a. Add a WAN interface by clicking on +Add above the WAN interface on the right.
b. Select Interface wan1 for the new interface.
c. Add 2 LAN subinterfaces by clicking +IP twice on the LAN Interfaces section.
d. Configure Interface hardening. To configure, click the lock/unlock icon.
i. wan0: off Unlocked icon
ii. wan1: on Locked icon
e. Select interface Labels.
i. lan0: Voice Primary (top)
ii. lan0: Data Sub-interface (middle)
iii. lan0: Campus Sub-interface (bottom)
iv. wan0: MPLS
v. wan1: Internet
f. Configure VLANs on LAN interfaces.
i. Set the lan0 sub-interface labeled Data to 131.
ii. Set the lan0 sub-interface labeled Campus to 132.
g. Set Shaping to 4000 kbps for both WAN interfaces (on right).
h. Click ‘ΣCalc’.
Orchestrator will add up the speeds of the existing interfaces and fill in the Total
Outbound with 8000 for you with the calculated sum.
i. Set EdgeConnect Licensing, Boost to 8000 Kbps. We boost all traffic at this site
j. Click Save.
Task 2: Configure Deployment Profile for a Campus Site with 2
Data Centers
The next two steps show you how easy it is to edit an existing profile, make minor changes
and save it as a new profile to be applied to other sites.
1. Create a new profile by altering the existing one and saving it with a new name
a. Change the Shaping to 2000 Kbps on wan0 and wan1.

b. Click ‘ΣCalc’.
Orchestrator will add up the speeds of the existing interfaces and fill in the Total
Outbound with 4000 for you with the calculated sum.
c. Set EdgeConnect Licensing, Boost to 4000 Kbps. We boost all traffic at this site
d. Click Save As.
e. Name the new profile “Campus” and click Save.
Note: For convenience we’ve kept the interfaces, VLAN numbering etc. the same
as the first site, but they could be completely different from profile to profile. The
Labels on each interface is what will be mapped into the network fabric created by
the Orchestrator from the Overlays (which we’ll configure in a later step).
Task 3: Configure a Deployment Profile for a Branch Office
1. Remove a sub interface.
a. Click the ‘x’ next to the bottom lan sub-interface to remove it. There should now
be 2 LAN interfaces.
2. Click Save As.

3. Name the site “Branch”, then click Save.
Lab 4: Configure Template Groups
Overview
Template groups allow you to configure and store common settings that can then be applied
to one or more appliances. Each template contains a set of related configuration settings of a
particular type, like SNMP or TACACS+. The collection of all the templates is called a
template group. Multiple template groups can store multiple sets of settings to be applied to
appliances with different configuration requirements across your network
Objective
This lab will teach you how to configure and store a template group and the associated
settings. These templates will be applied when installing appliances, or can manually be
applied at any time.
Task 1: Create a template group

1. Select ConfigurationTemplates to open the Template tab.
2. Configure the Date/Time template.
a. Select the Date/Time template. Note: You’ll need to scroll down.

b. Check the box next to Date/Time.
c. Time Zone: US/Pacific
d. Select the NTP Time Synchronization.
e. Click Add to add an NTP server of 192.168.1.251.
f. Click Save As.
3. Name the group “Main”, then click Save.
4. When you do a Save As, the template selection may become ‘unchecked’. If so, re-check
the box next to Date/Time, then click Save,
If the box is checked after the ‘Save As’, continue with the next step.
5. We are not using Dynamic Rate Control in this lab, so configure the Shaper template to
avoid creating an error condition where Dynamic Rate Control is enabled with a minimum
limit of 0. (This can also be avoided by enabling inbound shaping on the deployment
profiles with appropriate inbound shaping values if you are using the feature).
6. Click on the Shaper template (scroll up if needed)
7. Check the checkbox next to Shaper.

8. Click Inbound.
9. Uncheck Enable Dynamic Rate Control.
10. Click Save.
Lab 5: Configure Business Intent Overlays
Overview
A Business Intent Overlay (BIO) specifies how traffic with particular characteristics will be
handled in the network, and multiple Business Intent Overlays can be created for each type
of traffic. Which traffic matches a particular Business Intent Overlay is determined either by
the label on the interface through which it enters the appliance, or by matching traffic to an
access list. As you’ll see, the Business Intent Overlays control things like the WAN ports and
network types to transmit the traffic over, and what to do if the preferred links go down or fail
to meet specified performance thresholds. Orchestrator uses Business Intent Overlays to
dynamically build and maintain overlay networks, for example, which sites to build tunnels
between and how the network should update the routing of traffic when conditions change.
Objective
This lab will teach you how to configure the dynamic topology and behavior of the of the
overlay network created by the Orchestrator between appliances. In this lab you will create
Business Intent Overlays that will apply to all the sites in your lab network.
Task 1: Create a Business Intent Overlay for Voice

1. In Orchestrator, select ConfigurationBusiness Intent Overlays.
2. Configure a Business Intent Overlay and save it as “Voice”.
a. Topology: Mesh
b. Traffic Access Policy: Voice
c. Configure Link Brownout Thresholds:
Loss: 1%
Latency: 75 ms
Jitter: 50ms
d. Primary WAN Ports: MPLS and Internet
e. Backup Ports: All should be unchecked.
f. Use Backup Ports on: Brownout
g. Uncheck Cross Connect Providers.
h. Link Bonding Policy: High Availability.
Note: Because High Availability requires two active links, you need to have at least
two Primary links.
i. Overly Down: Drop
j. Shaping Traffic Class: 1
k. Boost this Traffic: checked
l. Click Save As.
m. Name the Business Intent Overlay “Voice”, then click Save.
Task 2: Create an Overlay for Data Traffic

1. Click +Add (next to the Overlays list in the upper left) to create new overlay.
2. Name the new overlay “Data”, then click Add.

3. Configure the new Overlay.
a. Topology: Mesh
b. Traffic Access Policy: Data
c. Configure Link Brownout Thresholds:
Loss: 1%
Latency: 150 ms
Jitter: 100ms
d. Primary WAN Ports: MPLS
e. Backup WAN Ports: Internet
f. Backup Ports: Brownout
g. Uncheck Cross Connect Providers.
h. Link Bonding Policy: High Quality Quality
Note: High Quality requires only one active Primary link.
i. Overly Down: Drop
j. Shaping Traffic Class: 1
k. Boost this Traffic: checked
l. Click Save.
Lab 6: Appliance Configuration
Overview
In this lab you will finish setting up two ECV VMs, and complete addressing and configuration
on devices. Some of the virtual appliances are partially installed. You will complete basic
configuration, register them with the cloud portal and add them to the Orchestrator/GMS.
Then you’ll install and configure a VM from scratch.
Objective
Observe the appliance self-registration with the cloud portal. It will obtain its licenses and
serial number from the portal. Observe and complete the registration process with
Orchestrator/GMS. Learn to configure inline router mode.
Task 1: Finish configuration of ECV-1

The ECV-1 VM has already been installed, but not yet configured.
1. If you don’t still have it open, on the Student PC desktop, open the LabTG folder, then the
V8_licenses.txt file. You’ll need the account name and account key information for
the next step. If you didn’t save the cloud portal licensing information in the file, then you
can copy the Account Name and Account Key from the Orchestrator.
2. In the VMware vSphere Client, select ECV-1 and open the Console. Locate the IP
address assigned by DHCP. It may be different than the one shown here.
Note: If your mouse gets stuck in the console window, use <ctrl>+<alt> to get
cursor control back.
3. Log in to ECV-1.
a. From the Student PC, open a new tab in your Chrome browser, and navigate to the
address of ECV-1 using the address documented above which may be
different than the one shown below.
Note: If you navigate to the wrong address, you may connect to the wrong
appliance and will misconfigure your network. Pay attention to step 2 above!
b. Login as admin/admin.
4. Complete the Initial Configuration Wizard.
a. On the Welcome screen, click Next.
b. Associate the MAC addresses of the vNICs with the correct interface.
i. The topology diagram shows network connections to ECV-1. In VMware, the

mgmt0 interface connects ECV-1 mgmt0 port group. The other 3 interfaces
connect to other port groups represented by the numbers in the diagram.
You’ll want these for reference.
In this diagram you can see: lan0port group 2, wan0port group 3 and
wan1port group 4.
ii. In the VMware vSphere Client, right-click on ECV-1 in the tree view and
select Edit Settings.
iii. Click Network adapter 1 to view its assigned MAC address. This is the
network adapter that goes to the management network. The other network
adapters connect to port groups 2, 3 and 4, which is shown in the Summary
column.
Note: The addresses you see in your lab environment for the network
adapters may be different from the ones in the screen shots in these
instructions.
iv. Make note of all appliance interfaces and the last 2 digits of all 4 adapters
for later reference in the table below.
Interface Summary / Appliance Interface Last 2 digits of

Port Group MAC addr
Network Adapter 1 ECV-1 mgmt0 mgmt0
Network Adapter 2 2 lan0
Network Adapter 3 3 wan0
v. On ECV-1, go the Initial Configuration Wizard browser window. In the row

for mgmt0, click unassigned in the MAC column and select the MAC
address you saw in the VMware vSphere Client for this interface.
vi. Repeat this to configure MAC addresses for lan0, wan0, and wan. When
you have assigned MAC addresses to all 4 interfaces, click Apply & Next.
c. The appliance will reboot. When it is finished, log back in.
d. Click Next to move past the Welcome and Interfaces screens.
e. Complete the Hostname, DHCP, DNS page.
i.Hostname: ECV-1
ii.Primary DNS IP: 10.0.1.25
iii.Address type: Static
iv. IP Address/Mask: 192.168.1.4/24
Note: A DHCP address would work just fine, but as a best practice Silver
Peak recommends assigning a permanent IP address to avoid having to
wait additional time for the network to reconverge in event of a device reboot
that resulted in it getting a different address.
v. Next-hop IP: 192.168.1.253 This is the Default Gateway
vi. Click Apply & Next.
f. You will get a warning message. Click Change Management Address.
g. Your browser will be redirected to the new management address you assigned.
Log back in and restart the wizard if necessary. Step past the screens you’ve
completed already in the Initial Configuration Wizard.
h. On the Student PC, to review the LabTGV8_licenses.txt file to get the
Account Name and Key.
Note: In production, you can go to Orchestrator Administration  Silver Peak
Cloud Portal to get the account information.
i. Complete the License and Registration screen.
i. Input the Account Name. This will not be the one shown above. It will be
the same one you used to license the Orchestrator
ii. Input Account Key. Use the same account key you used with Orchestrator.
Note: If you don’t use the same account name and key on the appliances
and Orchestrator, the cloud portal will think they belong to different
accounts, and you will not be able to manage them with your Orchestrator.
iii. Click Apply & Next.
j. Skip past the Deployment Mode, Tunnels to Peers, Date & Time and Change
Password screens by clicking Apply & Next without making any changes. These
configuration items will all be handled by Orchestrator.
k. On the Finish Screen, click Done.
l. Click Save Changes to save the appliance configuration.
Task 2: Finish Configuration of ECV-2

1. In the VMware vSphere Client select the console of ECV-2 and determine the IP address
assigned by DHCP.

Note: If your mouse gets stuck in the console window, use <ctrl>+<alt> to get cursor
control back.
2. In your Chrome browser, open a new tab, and navigate to the address as you did before.
Login as admin/admin.
3. The Initial Configuration Wizard should start and the Welcome screen should be
displayed. Click Next.
4. As before, right-click on ECV-2 in the hypervisor and select Edit Settings to verify the
MAC addresses for each of the adapters by clicking on them one at a time. Remember
<ctrl>+<alt> to get cursor control back from the console if needed.
5. Revew which interfaces go to which port groups.
6. Make note of all appliance interfaces and the last 2 digits of all 4 adapters for later
reference in the table below.
Port Group MAC addr
7. Configure MAC addresses for the interfaces, matching the interfaces to the adapters in
the hypervisor as before.
Note: Your addresses will probably be different than those shown.
WARNING: The names appear in a different order than in the table. Take care to enter
the appropriate MAC address for each appliance interface.
8. Click Apply and Next. The appliance will reboot.
9. Log back in and continue the Initial Config Wizard. Skip past the MAC address screen.
Configure the host name, DNS server address, and configure a permanent IP address
and next hop as shown.
a. Hostname: ECV-2
b. Primary DNS IP: 10.0.1.25
c. Address type: Static
d. IP Address/Mask: 192.168.1.5/24
e. Next-hop IP: 192.168.1.253  This is the Default Gateway
f. Click Apply & Next.
10. Acknowledge the warning and change the address.
11. The VM will reboot as before. Logon and skip past the Welcome, Interfaces and
Hostname screens to the License Screen.
12. On the Student PC, to review the LabTGV8_licenses.txt file to get the Account
Name and Key.
Note: In production, you can go to Orchestrator Administration  Silver Peak Cloud
Portal to get the account information.
13. On ECV-2, enter the licensing information.
g. Add the Account Name.

h. Add the Account Key.
i. Click Apply and Next.
14. Skip the Deployment Mode, Tunnels to Peers, Date & Time and Change Password
screens by clicking Apply & Next without making any changes. These configuration items
will all be handled by Orchestrator.
15. On the Finish screen, Click Done.
16. Click Save Changes to save the appliance configuration.
Task 3: Complete Registration of ECV-1 & ECV-2 in Orchestrator
1. In your browser, go to the Orchestrator.
2. You should see a message indicating that new machines have been found. The two
appliances that you configured, reached the Cloud Portal, and the Cloud Portal told your
Orchestrator about them.
3. Click the Appliances Discovered message. This should open the Discovered
Appliances tab.
Warning: The most recently discovered appliance will be on top. Make sure you pick the
right appliance from the list by looking at its host name or IP address.
4. Click Approve button for ECV-1. (see Warning above)

5. Complete the registration for ECV-1.
a. Notice that the Cloud Portal has assigned a serial number to the virtual machine.
Assign the appliance to group US-1. Then click Next.
Note: In your company network, you might wish to fill in other information.
b. Choose a Deployment Profile and configure it.
i. Choose a Deployment Profile of “Hub Site”. The profile will appear.

ii. Configure the IP addresses for the LAN interfaces.
1. Voice: 10.110.10.100/24
2. Data: 10.110.13.100/24
3. Campus: 10.110.14.100/24
iii. Configure the IP addresses for the WAN interfaces.
1. MPLS: 10.110.11.100/24 with Next Hop 10.110.11.1
2. Internet: 10.110.12.100/24 with Next Hop 10.110.12.1
iv. Click Next.
c. If there were additional subnets that the Silver Peak wasn’t directly attached to, that
you wanted it to advertise to its peers, you would add them here. (They can also be
added later if needed) We don’t have additional local subnets at this site. Take the
defaults and click Next.
d. Choose both Business Intent Overlays and the Template Group you created
called “Main” by checking the boxes, then click Apply.
e. You should get an indication of success for all the operations. If everything looks
ok, click Close.
Note: Occasionally an operation will time out. If this happens, click Go Back, and
then after 30 seconds or so, or if the appliance is rebooting, after it finishes, click
Apply again.
6. Complete the registration of ECV-2.
a. On the Discovered Appliances tab, click Approve for ECV-2.
b. Assign the appliance to group “US-1”. Then click Next.
c. Choose and configure the Deployment Profile.
i. Choose a Deployment Profile of Branch. The diagram will appear.

ii. Configure IP addresses for the LAN interfaces.
1. Voice: 10.110.20.100/24
2. Data: 10.110.23.100/24
iii. Configure IP addresses for the WAN interfaces.
1. MPLS: 10.110.21.100/24 Next Hop 10.110.21.1
2. Internet: 10.110.22.100/24 Next Hop 10.110.22.1
iv. Click Next.
d. We don’t have additional subnets to add, so click Next.
e. Choose both Business Intent Overlays and the “Main” Template Group you
created by checking the boxes, then click Apply.
f. If everything applied successfully, click Close.
Note: If there is any issue, click Go Back, and retry after 30 seconds.
7. Click the arrow next to the US-1 group in tree view to expand it. You should see the new
appliances listed.
Task 4: Verify the tunnel on the Topology tab
1. Go to the Topology tab.
2. You should see the devices you added. While one or both are rebooting and/or
resyncing, the Orchestrator may show different color outlines around the appliances.
Red (shown above) means the Orchestrator can’t talk to the appliances. This should
clear after the appliance finishes booting and resumes communication with the
Orchestrator.
a. Click on the gear shaped icon in the upper right portion of the map to display a
legend that explains the different colors.
b. Observe the color changes in the appliance outlines and the tunnels that
connect them as the appliances go through the various stages of reboot,
reconnection and synchronization.
3. After the appliances finish booting, since both appliances are part of the Data and
Voice overlays, the Orchestrator will build tunnels between them. This will be shown
as a green line connecting them. This might take a while.
Note: If it takes too long for the tunnel to turn green (you’ve been waiting several
minutes since the appliances reconnected and no longer have colored outlines around
them), it can be simply because the Orchestrator hasn’t updated its status. You can
select both appliances in tree view on the left and then go to
MaintenanceSynchronize to force an immediate resynch.
4. On the right side of the topology map, select All Overlays.
5. Click on the tunnel (the green line). You should get information as shown below. (It
may take several minutes for all tunnels to be built.)
Notice there are multiple tunnels – one underlay in each direction for each wan link
type for each appliance. Also one in each direction for each overlay for each
appliance. The suffix in each tunnel name identifies which wan connections or overlay
it is associated with. Remember we set up an ‘MPLS’ label and an ‘Internet’ label for
the two wan interfaces in our deployment profiles, and applied two overlays, Voice and
Data.
Note: If Cross Connect Providers had been checked in the Business Intent Overlays,
and the network connections supported it (not possible in our lab), then MPLS-Internet
and Internet-MPLS connections might have been brought up too.
6. Make sure both appliances are selected in tree view by clicking on the group US-1.
7. Select ConfigurationTunnels in Orchestrator.
8. More information is available about each tunnel. Underlay tunnels are shown by
default. If they are not shown, click Underlay now. Remember that Underlay tunnels
carry the logical connections in the overlays. Note that all tunnels use IPSec
encapsulation. The full length of the tunnel names that are too long to display, can be
moused over to display complete information. Columns can be resized, but the effect
is only temporary while the tab is being viewed.
You can also see which Overlay tunnels are associated with the underlay tunnels. If
you mouse over an entry in the Overlay Tunnels column, you’ll notice that there are
two overlay tunnels associated with each Underlay tunnel.
9. Click Overlay. Notice the names of the overlay tunnels contain a suffix associated with
the names of the Business Intent Overlays we configured which caused these logical
connections to be made.
STOP HERE: End of Labs 1-6.

Return to the course and complete the lessons leading to the next lab
projects.
Access Labs 7-10
1. Go to http://silverpeak.find.training/
2. Select “Deploying SDWAN Technologies (DST) Labs 7-10” by clicking on it.
Please make sure you select the correct lab as there are many to choose from and
each image is different
3. Check out as before. Refer to Lab 1, Task 1 for additional instructions if needed.
4. Open the email you received from ReadyTech and click on the ‘Redeem Now’ link in
the email. Follow the steps to login as you did before.
5. Click on ‘Lab’
6. When you are ready to begin, click Start Lab Now
You will have one day of access time beginning when you click ‘Start the lab’. If you do
not start the lab within a few hours, you will not have time to complete it. All Silver
Peak labs are designed to be completed within 2-4 hours.
7. Click Start Now
Note: Although the message says it may take up to xxx minutes to start (118 in the
screen shot above), your wait should only be 5-10 minutes as machines are deployed
from a hot standby pool.
The only time that you should have to wait the full length of time is when demand is
high and all the machines in the pool have been deployed. In this case a fresh
machine will need to be deployed for you.
8. A message will display. Click Close.
9. When your environment is fully deployed, The Status display should change to Up
10. To Access the lab, click where it says ‘Click here to connect‘
11. Login
a. You should be connected to the remote desktop, which will show a larger
panel and login as Administrator using the password Silverpeak1.
b. It is possible to go full screen with your browser window by selecting it from the
keyboard.
active area of the console window.
Lab 7: Create a Hub and Spoke Business
Intent Overlay with ACL Traffic Access
Overview
ACLs can be used to identify sources of traffic to be directed into a particular overlay. The
first thing we’ll do in this lab is create an ACL we can use to direct a particular type of traffic
into an overlay. Then we’ll create a Hub & Spoke overlay that makes use of the ACL as a
traffic source.
Objective
Learn the requirements for creating Hub & Spoke overlays, how to configure and apply ACLs
in a configuration template, and how to use them in a Business Intent Overlays.
Task 1: Connect to the ReadyTech lab environment

1. Open the email with your DST Labs 7-10 voucher code and link to the lab
environment.
Note: If you do not have a voucher code and link, return to the Initial Instructions
section (previous section) and follow the process to acquire the voucher code.
2. Click the link included in the email to access the ReadyTech lab environment.
3. Verify you have the proper environment, then click Redeem.
4. Enter your contact information and click Redeem.
Note: You will have until 10:00 PM to 20 hours to complete
the labs, but it may be less…
a. Lab access is available on the day you redeem the voucher
and start the lab from 2:00 AM to 10:00 PM in the time zone
you select at registration.
b. When your time expires, the lab will be reinitialized and no
work will be preserved.
c. Examples: If you select your local time zone and start at
2:00 AM, you’ll have 20 hours. If you select your local time
zone and start at 9:00 PM, you’ll only have an hour.
d. Hint: If you pick a different time zone, the access times will
be adjusted according to that time zone, so you might want
to pick a time zone that gives you more time if you think you
might run out.
5. Click OK on the Access Code Activation screen to proceed.
6. Warning:
If the system asks any time to upgrade JAVA or upgrade your browser, say
“NO”. If you upgrade anything you are not asked to upgrade as part of the lab,
you might break your lab pod. A restore can take 90 minutes and all work will
be lost.
7. Start the lab.

a. In your browser, go to the Lab tab and click Start lab.
b. Check the checkbox and click Ok to enable the auto suspend feature.
c. Read, then check, all checkboxes, then click Ok.
d. Your lab environment should be available within a few minutes.

Note: You will receive a confirmation email with a lab code and link to use
in case you need to reconnect to the environment.
8. If you have not already done so, return to the Initial Instructions chapter (previous
chapter) and review the Virtual Lab Topology and Logon Information headings.
9. Access the ReadyTech environment.
a. Go to the Lab tab and click on the link labeled “Click here to connect”.
b. You should be connected to the remote desktop, which will show a larger
panel and login as Administrator/Silverpeak1.
c. It is possible to go full screen with your browser window by selecting it from the

keyboard.
active area of the console window
Task 2: Check to make sure all VMs are deployed.

Note: It’s always possible that you have logged in at a time of high demand, and because
a fresh environment is in the process of being deployed, your lab might not be completely
ready. When this happens, if you log in before the lab is fully deployed, some VMs may be
partially deployed, or missing altogether until the deployment scripts complete, which can
take up to 2 hours. This step is to make sure that your lab is fully deployed. In this case a
fresh machine will need to be deployed for you.
desktop icon.
warnings.
10. If you see this message, click Yes, otherwise skip to the next step.
12. Match the list of deployed VMs to the list below:
If the list is incomplete, or a VM is still loading (grayed out and no green arrow next to the
VM name), your lab is probably still deploying. Take a break, get some coffee/tea, or
something to eat, then recheck the list in a little while. Remember that a full deployment
can take up to 2 ½ hours.
If the lab has not fully deployed after 2 ½ hours, contact support. Click on ‘Support’ in the
navigation bar at the top of your lab environment, or see the section called ‘Getting
Support’ at the beginning of this document for contact information.
Task 3: Obtain License information and re-license the

Orchestrator and existing Devices
13. On the Student PC desktop, open the LabTG folder.
14. Double click on V8_licenses.txt file to open it in Notepad. We will now obtain some
additional licensing information to add to what is shown in the file.
Note: You’ll use this file later in the lab.
15. Generate and save a new Account Name and Account Key.
Note: For training, we have a script that generates these licenses. You would NOT do the
steps in a standard installation. In a standard installation, both Account Name and
Account Key would be provided to you when you purchase equipment from Silver Peak.
a. On the Student PC desktop, run (double-click on) the getLicense icon on the
desktop. A script will run when the window opens.
b. Right-click the window and select Mark.
c. Highlight the temporary account information, then press Enter.
d. Go back to the V8_licenses.txt file you opened and right click to paste the
information into the text as shown. You will need this to license the Orchestrator
and the Appliances.
Note: The license information you receive will be different from what is shown
here. It is different for every student for every class. The licensing information
is temporary as its name suggests, and it will expire shortly after your course ends.
e. Select FileSave so you will have the information for reuse later.
f. Close the Command window.

16. License Orchestrator and the two existing appliances.
Note: You wouldn’t need to do this in an existing network because all these machines
would be licensed already. In our test environment, because we are generating new keys
for each lab section, and all the devices must be associated with the same account, you’ll
need to apply your new keys to all the devices. This will associate all the devices with the
same test account in the Cloud Portal and allow Orchestrator to manage all the devices.
a. License the Orchestrator using the new key.
i. Open a Chrome browser window by double clicking the Google Chrome icon
on your desktop.
ii. Navigate to 192.168.1.254.
iii. Login as admin/admin.
iv. Go to Orchestrator AdministrationSilver Peak Cloud Portal.
v. Copy (<ctrl>c) and paste (<ctrl>v) the Account Name, Account Key
license info. Do not enter the license keys shown below, enter the
information you received when the script ran and you copied it.
vi. Click Save.
vii. The Status of the Registered field should change to ‘Yes’
viii. Click Close.

Note: Orchestrator will push the new Account Name and Account Key to the
two appliances it is managing.
b. Click on the Topology tab in Orchestrator.
You will probably see alerts associated with each appliance. The numbers in red
boxes next to each appliance indicate alerts and will indicate that the appliances
are unregistered.
c. Wait a few minutes.
Diskette icons should appear next to each appliance and the Save Changes icon
should appear in the Orchestrator’s top menu bar.
Note: If the diskette icons fail to appear, or you get too impatient, you can make
sure both appliances are selected in tree view, then go to
MaintenanceSynchronize on the Orchestrator to force an immediate resync, then
continue with the steps below once the diskette icons appear.
d. Make sure both appliances are selected in tree view.
e. Click Save Changes.
f. Confirm the appliance selection, then click Save Changes in the dialog box.
17. Approve the licenses for ECV-1 and ECV-2.
a. In Orchestrator, verify that all appliances are highlighted in the tree view.
b. Select Configuration  Licenses.
c. License ECV-1
Note: You’ll see that the base licenses have not been approved.
i. Select the ECV-1 row by clicking on it, then click Configure EC Licenses.
ii. Configure the licenses.
1. Grant: Selected
2. Enable Boost: Checked
3. Bandwidth: 8000
iii. Click Apply.
iv. Then Click Close
d. License ECV-2
i. Select the ECV-2 row by clicking on it, then click Configure EC Licenses.
ii. Configure the licenses.
1. Grant: Selected
2. Enable Boost: Checked
3. Bandwidth: 4000  ECV-2 has lower bandwidth than ECV-1
iii. Click Apply.
iv. Then Click Close
e. After a short wait, click the refresh icon at the top of the tab to see the base license
and Boost are configured. This might take a couple of minutes. You might see
other intermediate statuses before the status in the Base column = Yes.
f. Save changes if needed by clicking on the icon as above.
Task 4: Add an Access List to the “Main” template group.
1. Click on the Templates tab, make sure you’ve selected the “Main” template group,
then select the Access Lists template. Check the box next to Access Lists.
2. Click on Add Rule. Select ftp in the application field, and make sure the Set Action is
set to “permit”. We’re only going to create one rule, but you could have many.
3. Click Rename ACL. Name it “FTP” and click Rename.
4. Click Save.
5. Make sure that ECV-1 is selected in tree view, and ECV-2 is NOT selected.
6. Click Apply Templates, then click Apply.
7. The status should indicate “Successful”. Click Close on the dialog box.
The newly applied ACL will allow us to route ftp traffic to a particular overlay, which
we’ll create in the next task.
Task 5: Create a Business Intent Overlay for Hub and Spoke
In this step we’ll create a Hub and Spoke Business Intent Overlay. Why didn’t we do this
before? In order to create a Hub and Spoke overlay, the hub site already has to exist,
because as you’ll see, you need to specify one or more hubs as part of creating the
overlay. We are going to use ECV-1 as that hub, and you have just finished configuring it.
1. Go to the Business Intent Overlays (ConfigurationBusiness Intent Overlays) tab, then

click +Add next to the title of the Overlays list.
2. Name the new overlay “CampusNetwork” (no space), then click Add.
3. Make ECV-1 a hub.

a. Click +Add next to Select Hubs.
b. Select ECV-1 as a hub by checking the box, then click Save.
Note: Selecting ECV-1 as a hub will automatically apply this Business Intent
Overlay to ECV-1.
4. Configure the Business Intent Overlay.
a. Topology: Hub & Spoke

b. Hubs: ECV-1 This should already be checked
c. Traffic Access Policy: ACL choose the “FTP” ACL you just created
d. Brownout Thresholds: Loss: 3%; Latency: 300 ms; Jitter: 150 ms
e. Primary WAN Ports: MPLS and Internet
f. Backup: All checkboxes unchecked
g. Use Backup Ports on: Brownout
h. Cross Connect Providers: Unchecked
i. Link Bonding Policy: High Throughput
j. Overlay Down Action: Drop
k. Shaping Traffic Class: default
l. Boost this Traffic: Checked
5. Click Save.
Note: Because this Business Intent Overlay is already applied to ECV-1 since it is a hub,
these changes will be applied to ECV-1. Also, our ACL and the new Business Intent
Overlay have been applied to ECV-1. We’ll use these in the upcoming labs.
Lab 8 – Hub & Spoke installation for ECV-3
and ECV-4
Overview
In this lab, we’ll complete the appliance installations at Site 3. You’ll complete the
installation of ECV-3, then install a new virtual machine, ECV-4, from scratch.
Objective
Learn to install a virtual appliance from scratch.
Task 1: Complete the Configuration of ECV-3

desktop icon.
warnings.
5. Access the console of ECV-3 in the VMware vSphere Client to obtain the IP address
assigned by DHCP. (Click on ECV-3 on the left and then click on the console tab on the
right.)

(The IP address may be different than the one shown here…)
control back.
6. In your Chrome browser, open a new tab, and navigate to the address as you did before.
Login as admin/admin. Use the address you recorded above, which might be different
than shown.
7. The Initial Configuration Wizard should start and the Welcome screen should be
displayed. Click Next.
8. Return to the vShpere Client.

9. As before, in the tree view, right-click ECV-3 in the hypervisor and select Edit Settings to
verify the MAC addresses for each of the adapters one at a time.
10. Review which interfaces go to which port groups.

Port Group MAC addr
12. Close the Properties window.

13. Return to the browser.
14. Configure MAC addresses for the interfaces, matching the interfaces to the adapters in
the hypervisor as before. Then click Apply and Next. The appliance will reboot. (Your
addresses will probably be different than those shown)
15. After the reboot, log back in and continue the Initial Configuration Wizard.
16. Skip past the Welcome and Interfaces screens.
17. Configure the host name, DNS server address, and configure a permanent IP address
and next hop as shown.
a. Hostname: ECV-3
e. Next-hop IP: 192.168.1.253 This is the Default Gateway
18. Acknowledge the warning.
19. The VM will reboot as before. Login, then skip past the Welcome, Interfaces and
20. On the Student PC, return to the V8_licenses.txt file. If you previously closed it, you
can reopen it from the LabTG folder on the student desktop.
21. Enter the licensing information.
a. Add the Account Name.

b. Add the Account Key.
c. Click Apply and Next.
23. On the Finish screen, click Done.
Task 2: Complete Registration of ECV-3 in Orchestrator
2. Within a couple of minutes you should see a message indicating that new machines have
been found. The appliance that you configured reached the Cloud Portal, and the Cloud
Portal told your Orchestrator about it.
Appliances tab.
4. Click the Approve button for ECV-3.

5. Complete the registration for ECV-3
Assign the appliance to group US-2. Then click Next.
b. Choose a deployment profile and configure it
i. Choose a Deployment Profile of ‘Campus’. The profile will appear.

ii. Configure the IP addresses for the LAN Interfaces.
1. Voice 10.110.30.100/24
2. Data 10.110.131.100/24
3. Campus 10.110.132.100/24
iii. Configure the IP addresses for the WAN interfaces
1. MPLS 10.110.31.100/24 with Next Hop 10.110.31.1
2. Internet 10.110.32.100/24 with Next Hop 10.110.32.1
iv. Click Next.
d. Choose all 3 Business Intent Overlays and the Template Group you created
called Main by checking the boxes, then click Apply.
ok, click Close.
Note: Occasionally an operation will time out. If this happens, click Go Back, wait
for at least 30 seconds, then click Apply again.
6. Click on the arrow next to the group US-2 in tree view to see the ECV-3 appliance has
been added to the group.
Task 3: Install ECV-4 from Scratch
1. In the VMware vSphere Client, select FileDeploy OVF Template.
2. Click Browse.
3. Navigate to DesktopLabTGSilverPeakVXOA. Select the EVC-

8.x.x.x_xxxxx.ova, and click Open.
4. Click Next.
5. A summary is presented. Click Next.
6. Name the VM “ECV-4”, then click Next.
7. Choose the default of Thick Provisioned Lazy Zeroed. Always thick provision to avoid
performance problems after the VM is deployed. Then click Next.
8. For the Destination Network select ECV-4 mgmt0.
9. Review the summary screen , then click Finish.
Note: Don’t check the box for ‘Power on after deployment’. We want to add virtual
interfaces before we boot the appliance.
10. Click Close.
11. Add additional Network Adapter for the ECV-4 VM. By default, the device boots the first
time with only a mgmt0 interface. We want an additional 1 LAN interface and 2 WAN
interfaces, so we have to add them.
a. In the tree view, right-click on ECV-4 and select Edit Settings.
b. Click Add.
c. Select Ethernet Adapter, then click Next.
d. Select an Adapter Type of VXMNET 3 and connect it to port group 8. Click Next.
e. Click Finish.
f. Click Add to add another Ethernet adapter.
g. Click Next.
h. Choose an Adapter Type of VXMNET 3 and connect it to port group 9. Click Next.
i. Click Finish.
j. Add the third adapter. Start by clicking Add.
k. Select Ethernet Adapter and click Next.

l. Select and Adapter Type of VXMNET3 and connect it to port group 10. Click Next.
m. Click Finish. Your screen should look like the following:
n. If everything is OK, click OK. If you made an error by connecting to the wrong port
group, you can click on the adapter in the list in the left, and change the Network
Connection in the drop down on the right.
12. Start the VM by selecting it in tree view on the left, and clicking the green start arrow.
17. Go to the Console tab for ECV-4. When it finishes booting, you should be able to see the
IP address assigned by DHCP, which might be different than the one shown here.
control back.
13. Open a Chrome browser tab, navigate to the address and login as admin/admin.
14. The Initial Configuration Wizard should start. Click Next.
15. In the VMWare VSphere Client, right-click on ECV-4 and select Edit Settings.
16. Check the MAC Address for each adapter as before. Use <ctrl>+<alt> if your cursor
is stuck in the console window.
17. If necessary, refer to the class topology diagram. ECV-3 and ECV-4 connect to similar
port groups.

Port Group MAC addr
19. Return to the Configuration Wizard.
20. Assign the proper MAC addresses to the mgmt0, wan0, lan0 and wan1 adapters. Your
MAC address may be different than those shown. Click Apply & Next.
21. After the machine reboots, log back in. The config wizard should have restarted. Skip past
the Welcome and Interfaces screens.
a. Hostname: ECV-4
e. Next-hop IP: 192.168.1.253 This is the Default Gateway
22. Acknowledge the warning.
23. The VM will reboot as before. Login, then skip past the Welcome, Interfaces and
24. On the Student PC, to review the V8_licenses.txt file.\
25. Log back in and the wizard should have restarted. Advance through the first 3 screens
without making any changes until you get to the licensing screen.
a. Add the Account Name.

b. Add the Account Key.
c. Click Apply and Next.
27. On the Finish screen, Click Done.
Task 4: Complete Registration of ECV-4 in Orchestrator

2. Within a couple of minutes you should see a message indicating that a new machine has
been found. ECV-4 reached the Cloud Portal, and the Cloud Portal told your Orchestrator
about it.
Appliances tab.
4. Click on the Approve button for ECV-4.
5. Complete the registration for ECV-4.
Assign the appliance to group “US-2”. Then click Next.
b. Choose a Deployment Profile and configure it.
i. Choose a Deployment Profile of ‘Campus’. The profile will appear.

ii. Configure the IP addresses for the LAN Interfaces.
1. Voice 10.110.30.101/24
2. Data 10.110.131.101/24
3. Campus 10.110.132.101/24
iii. Configure the IP addresses for the WAN interfaces
1. MPLS 10.110.31.101/24 with Next Hop 10.110.31.1
2. Internet 10.110.32.101/24 with Next Hop 10.110.32.1
iv. Click Next.
d. Choose all 3 Business Intent Overlays and the Template Group you created
called Main by checking the boxes, then click Apply.
ok, click Close.
Note: Occasionally an operation will time out. If this happens, click Go Back, and
then after 30 seconds or so, click Apply again.
6. ECV-4 should appear in the US-2 group in tree view.
Task 5: Observe Overlay Construction

1. In Orchestrator, go to the Topology tab. This will give you a map view of your appliances.
Although we won’t do it here, you can change the background and locate machines in the
real world by dragging them around. For now, arrange the 4 appliances as shown (by
clicking and dragging them), in a rough square with ECV-1 and ECV-2 at the top, and
ECV-3 and ECV-4 at the bottom. Note the selector for the different overlays on the upper
right portion of the map.
2. Select the All Overlays (the default) option in the map. If ECV-4 is still booting, it will look
something like this.
After a while the appliance will reconnect, and Orchestrator will build tunnels as displayed
in the next step. This may take several minutes. The colors surrounding the appliances
and of the tunnels may change as the status changes. You can refresh the screen if you
get impatient.
3. With All Overlays selected, you should see something like this.
This view will show you a composite view of all the overlay tunnels that were built
between the machines.
Note: There are warning messages displayed for ECV-2 and ECV-4 (numbers in blue
boxes. There is a link to the Alarms in the upper right. The alarms say that we haven’t
changed the default passwords. You can ignore this in our lab, but in your network you
should always change the defaults to a strong password!
4. Mouse over the link between ECV-4 and ECV-2 until it thickens, then click on it. This will
bring up a display that shows you 12 total links exist between the two appliances. The
column on the far right shows the state of each connection, useful for troubleshooting.
Look at the Voice overlay. There are 6 links associated with this overlay – 3 in each
direction. Two of the 3 in the list are underlay tunnels that were built across the physical
network. The third one is the overlay itself, the logical connection that uses those tunnels
as primary and backup, or to load balance.
5. Because tunnels and overlays are built as a unidirectional pair, there are 3 more in the
other direction per overlay (two underlay tunnels and one overlay logical connection). If
you had more than just Internet and MPLS connections (e.g. LTE), you would find an
additional underlay connection in each direction for each of the overlays.
Because there is a second overlay, called Data, associated with this pair of appliances
(there is a 3rd overlay applied to ECV-4, but it has no connections to ECV-2), there is a
second set connections for that overlay also.
Click Close to hide the Tunnels detail display.

6. Click on the list of overlays and select CampusNetwork.
7. Notice the display has changed and only two links are shown.
Remember the CampusNetwork Business Intent Overlay you configured was “Hub &
Spoke”, and ECV-1 was the hub in this overlay. As a result, Orchestrator only built tunnels
to ECV-1 from ECV-3 and ECV-4.
8. Click on the link between ECV-4 and ECV-1
Notice that there are 6 links. That’s because we are looking at the links for only one
overlay associated with this pair of machines. Close the window.
9. Now select the Voice overlay.
The Voice overlay is a full mesh applied to all the machines, so Orchestrator built tunnels
between each and every pair of machines.
Lab 9: Basic Flow Monitoring
Overview
In this lab you will open a CIFS share between TG-01 and TG-02 and move a file
between the sites. You will then chart the bandwidth usage as data flows.
Objective
Learn to use the current flow listing and tunnel tabs to identify which overlays and
underlay tunnels a flow is traversing. Learn to use the built in trend charting
functions and usage displays.
Task 1: Transfer Data Between Sites 1 and 2

1. On Student PC desktop, open an RDP session by clicking on the icon.
2. Connect to TG-01 (192.168.1.10) and login as Administrator/Silverpeak1.
3. Cancel out of any Windows activation or Shutdown reason messages.

4. Scroll down in the RDP window until the Start menu is displayed.
5. Open a CIFs session to TG-02 (10.110.20.11) by clicking on the start menu in the TG-01
RDP window, typing \\10.110.20.11 on the command line and pressing Enter.
6. A file explorer window will open showing the file share on TG-02.
Note: Make sure you are in the RDP window start menu. A common student error is
to type the commands in student desktop start menu instead of the one in the RDP
window. In that case, the symptom you will experience is that the CIFS connection
won’t open.
7. In Orchestrator, make sure all the appliances are selected in tree view.
8. Select MonitoringFlows to open the Flows tab.
9. In the RDP window, in the open CIFs share window double-click on the ftp-lab share
folder. The Sample_Files directory should be at the top of the list.
10. Go back to the Flows tab in Orchestrator. Notice there are flows on ECV-1 and ECV-2.
Note: It may be necessary to click the refresh button to see the flows.
(Look at your topology diagram to understand why these appliances are carrying the
flows.) The name of Outbound Tunnel that carries the traffic, for example to_ECV-
1_Voice is listed in the far right column. This automatically created name will carry a
suffix (_Voice) that indicates the name of the Business Intent Overlay it is associated with,
so in this case, the traffic matched the Voice overlay.
If you look at the deployment profiles for ECV-1 and ECV-2 (on each appliance you can
select Configuration Deployment) you can see that all the traffic entered on lan0, the
untagged VLAN labeled Voice. You may need to scroll to the right in the screen to see the
Outbound Tunnel column. (As a note, all the TGs in this lab are on untagged VLANs.).
Note: If you see IPSec flows using port 443, you can ignore them. They probably have a
local source address on the appliance and if so, they are just the appliance trying to
establish a connection to the Cloud Portal via the data path interfaces, which isn’t possible
in our environment.
11. The flow on Host ECV-2 is using an overlay tunnel called to_ECV-1_Voice. What if you
wanted to know which underlay tunnel or tunnels it used? Select only ECV-2 in tree view
and Go to the Tunnels tab. Make sure Overlay is selected. The right hand column will
display the underlay tunnel list associated with this overlay tunnel.
The automatically created name of each tunnel has a suffix that indicates the outbound
WAN link labels associated with the underlay tunnels. In this case, there are two underlay
tunnels; one that goes over MPLS (MPLS-MPLS suffix) and one that goes over the
Internet (Internet-Internet suffix). Note that cross connect tunnels, had we checked the
box and creation was possible (it’s not in our environment) might have had suffixes of
MPLS-Internet or Internet-MPLS.
12. In Orchestrator, select ECV-1 and ECV-2 in tree view as before.
13. Select MonitoringBandwidth Utilization to open the Appliance Bandwidth

Utilization tab.
14. In the open CIFs share window drag the file 5_trading.mdb onto TG-01’s desktop
inside the RDP window.
15. Now look at the Bandwidth Utilization tab. This shows you average and maximum BW
(bandwidth) utilization for each selected appliance as a percentage. This can take a
couple of minutes to update. Click on the refresh button if needed.
16. Select MonitoringBandwidth Trends. Make sure to select All Traffic and Inbound.
ECV-1 is receiving the traffic from across the wan (TG-01 is transmitting data through
ECV-2, which forwards it to ECV-1 where TG-01 is located) so you’ll see traffic charting
on ECV-1 much greater than on ECV-2
17. Now look at outbound traffic.
Things are reversed now. ECV-2 shows a lot of data being transmitted. Mouse over
different points on the graph trend lines on ECV-1. Exact statistics for a point in time are
displayed above the graph as shown in the picture. Although your printed manual might
not be in color, you can see in the actual appliance that the line for LAN traffic is light blue,
and WAN is dark blue.
Why do you suppose the bandwidth usage is different for the LAN and WAN?
This is because we have enabled Boost for these sites. You are seeing the benefits of
compression and deduplication reducing the amount of data being transmitted across the
WAN.
18. Close your CIFS connection by closing the file share window to TG-02 on TG-01 (not the
RDP session window).
Lab 10: Business Intent Overlays, Route
Policies and Order of Implementation
Overview
In this lab, you will erase Network Memory, then move files between TG-01 and TG-03 using
CIFS and FTP. You’ll remember that in a previous lab we created an overlay called
CampusNetwork that uses an ACL to identify traffic destined for that overlay. We should see
CIFS and FTP use different overlays to move traffic, but you’ll discover there are settings that
can keep this from happening, and correct them.
Objective
Learn about the function of route policies, how they are automatically built by overlay
configuration and how overlay order affects the order of policies in Route Maps and
Optimization Maps.
Task 1: Create traffic flows to site 3. Observe how different traffic

uses different overlays.
1. Make sure to kill all CIFS or FTP connections. Check the Flows tab in Orchestrator to
make sure no flows exist. Click the refresh button if needed.
2. Erase the Network Memory.
Network Memory is associated with the Boost function. This actually refers to the disk
cache that allows deduplication, and the resulting bandwidth savings on WAN links. We
are going to clear it here because we want the files to transfer in this lab without the
benefit of Network Memory so the transfers take longer and you have plenty of time to
execute tasks while a large file transfers.
Note: You would probably never want do this in a production network because it
will negatively affect performance until the disk cache is rebuilt. It is primarily a tool
for establishing baseline performance against which the performance of a populated disk
cache can be measured.
a. Select all appliances in tree view.
b. Select MaintenanceErase Network Memory.
c. A list of appliances about to be affected by the command will be listed. Click Erase
Network Memory.
d. Click Close when the function is complete and the status indicates the clear was
successful.
3. If you don’t still have it running, open an RDP session by clicking on the icon and
connect to TG-01 (192.168.1.10) and login as Administrator/Silverpeak1.
4. Open a CIFs session to TG-03 (10.110.30.11) by clicking on the Start Menu in the TG-01
RDP window, typing \\10.110.30.11 on the command line and pressing Enter.
A file explorer window will open showing the file share on TG-03.
5. In Orchestrator, make sure all the appliances are selected in tree view.
6. Select MonitoringFlows to open the Flows tab.
7. Make sure there are flows that display that say cifs_smb in the application column. If not,
in the RDP file share window to TG-03, right click and select refresh. Then go back to the
flows tab in Orchestrator and click the refresh button there.
8. Look the flow table and see if your connection went through ECV-3 or ECV-4 and went
through the Voice overlay tunnel. (You might need to scroll to the right to see all the
information). You may see 2 flows (one outbound through ECV-1 through a tunnel to
ECV-3) and the return flow through ECV-3 in a tunnel to ECV-1). Alternatively, you may
see 3 flows listed as below. In this case, the outbound flow went from ECV-1 through a
tunnel to ECV-4. The return flow came through ECV-3 (ECV-3 is the next hop for TG-01).
Because on ECV-4 the flow was only seen on the incoming side, the Outbound tunnel is
shown as none. The suffixes on the outbound tunnel names tells you the flows are in the
Voice overlay.
Note: When the flow arrives at a site through one appliance and returns through another,
this is an asymmetric flow. Asymmetry can prevent one of the boost functions, TCP
Acceleration, from working. There are several ways to correct this problem including Flow
Redirection, or by changing the metrics on Subnet Sharing advertisements, causing a
neighbor to prefer one Silver Peak over another.
9. Let’s force the flow to always be symmetric in this lab to make it easier to see what’s
happening in the next few steps.
a. Log into ECV-3 and select ConfigurationSubnets.
b. Change the Metric for automatically added subnets to “40”, and click Apply.
c. Disable subnet advertising by unchecking the box next to Automatically include

local subnets and click Apply.
d. Recheck the checkbox next to Automatically include local subnets and click
Apply again. This will change the advertised metric.
Note: Disabling and enabling advertising triggers re-advertisement with the new
metric.
10. Reset the flows.
a. Return to Orchestrator.
b. On the Flows tab, after making sure all the appliances are selected in tree view,
click Reset Flows, and choose Reset All.
This will reset all the current flows (which are now technically stale flows routed
under the old subnet metrics) and cause them to reestablish. Because the
advertised metric for the subnets advertised by ECV-3 are now lower, it will be
preferred over ECV-4. Refresh the flows table by clicking the refresh icon.
Any existing flows to the Campus should now be using ECV-3. If you don’t see
any flows, you can go back to the file share window, right-click, and select refresh.
Then refresh the flows table in Orchestrator.
Note: You would want to be very careful with Reset All in a production network. It
would probably be better to select the individual flows you want to reset.
11. In the RDP window you have open to TG-01, double-click on the Filezilla icon and open
an FTP connection from TG-01 to TG-03.
12. Connect to TG-03 (10.110.30.11) using anonymous/123 as an ID and password.
13. Look at the Flow tab in Orchestrator. Ooops, the flow isn’t using the CampusNetwork
overlay as expected. Remember we set up a Business Intent Overlay using an ACL
matching FTP to direct that traffic into the CampusNetwork overlay? We also made sure
the ACL was part of a template that got applied to ECV-1, ECV-3 and ECV-4. What do
you suppose could be happening?
14. Kill the FTP connection by closing the FileZilla application.

15. Close the CIFS connection by closing the CIFS file share window.
16. Return to Orchestrator.
17. Go to the Flows tab and make sure there are no active flows.
18. In the tree view, make sure that only ECV-1 is selected in tree view.
19. Now view the Route Rolicy Table for ECV-1. Select on ConfigurationRoute Policies.
Remember Route Policies determine where traffic goes and how it gets there…
20. There is a route policy matching all traffic entering the interface with the Voice label
ahead of (above) the entry matching FTP traffic.
The route policy on top will be matched first if possible. The Match Criteria matches all
traffic entering an interface with a label of “Voice” on the local device (in this case ECV-1),
and the Set Action, Destination is “Voice” (meaning matching traffic will be sent to the
“Voice” overlay). Since the FTP traffic from matches the top rule, it goes to the wrong
overlay.
Note: The top 3 route policies are grayed out. This means they were created by the
Business Intent Overlays and can’t be changed manually.
21. Now go to the Business Intent Overlay list in Orchestrator by clicking on the Business
Intent Overlays tab.
Look at the order of the overlays. It looks the same as the order of the route policies.
22. Move the CampusNetwork overlay to the top by clicking on it, then use the up arrow
to move it up. When it is on top, click Save in the bottom Left of the Business Intent
Overlay tab.
The appliances will resync as the overlay gets propagated.

23. Select all the appliances in tree view
24. Go to the Route Policies tab. The FTP matching entry with a destination overlay of
CampusNetwork should be on top (you may need to refresh the display after the devices
sync up) for all the appliances except ECV-2, which doesn’t use the CampusNetwork
Business Intent Overlay.
25. Start an FTP connection from TG-01 to TG-03.

Hint: previous connections are cached. You can click on the small down arrow to see a list
of previous destinations and select TG-03 as shown.
26. Also open a CIFS file share connection to TG-03 as you did before.
Hint: previous connections are cached here also. A ‘\’ should be enough to get a list and
click on TG-03 (10.100.30.11) to connect.
27. In Orchestrator, go to the Flows tab and see that the FTP and CIFS flows use two
different overlay tunnels.
STOP HERE. You have completed the labs for this course. Return to the
course for additional lessions.
Virtual Lab Topology
This diagram shows the topology of your virtual lab environment. The out of band management network uses 192.168.1.0. All masks are 24 bit
(255.255.255.0). Next hop router addresses for each subnet are shown above or below each router interface (actually in a WAN emulator). Site 3 is
a campus with 2 data centers, each with its own appliance.
Login Information
System/Platform User Password Notes
Virtual Lab The access code is provided by your
http://silverpeak.instructorled.training (primary) instructor.
http://silver-peak.instructorled.training (alternate)
https://silverpeak.hostedtraining.com (alternate) Access Code: ____________________
Student PC Administrator Silverpeak1
VMware vSphere Client root training
TG-0x Administrator Silverpeak1 The PCs at the 3 sites.
Kwanem Root silverpeak
Orchestrator admin admin
ECV-x admin admin The appliances.

Cisco CSR 100v Router ww This password is used after executing the
enable command.
Windows Live Mail student@training.local training
hMail Server Silverpeak1 Ask the instructor if this is required.

SDWAN - Silverpeak

Transféré par

Informations du document

Copyright

Formats disponibles

Partager ce document

Partager ou intégrer le document

Options de partage

Avez-vous trouvé ce document utile ?

Ce contenu est-il inapproprié ?

Droits d'auteur :

Formats disponibles

SDWAN - Silverpeak

Transféré par

Droits d'auteur :

Formats disponibles

Silver Peak

Self-Guided Lab Instructions

Date: Aug 2016

Warranties and Disclaimers

Silver Peak Systems, Inc.

1.877.210.7325 (toll-free in USA)

Getting Support ............................................................................................................... 6

Lab Topology Familiarization ........................................................................................... 7

LAB 1: Orchestrator Installation ...................................................................................... 9

Lab 2: Configure Interface Labels and Groups .............................................................. 32

Lab 3: Configure Deployment Profiles ........................................................................... 34

Lab 4: Configure Template Groups ............................................................................... 38

Lab 5: Configure Business Intent Overlays ................................................................... 41

Lab 6: Appliance Configuration...................................................................................... 45

Lab 9: Basic Flow Monitoring....................................................................................... 121

Virtual Lab Topology.................................................................................................... 138

Login Information ......................................................................................................... 139

Task 1: Print your lab guide

o Problems redeeming a voucher (instructions part of Lab 1)

o Lab seems to be down or never comes up

o Pre Installed virtual machines that aren’t operating

o Click on the Support link

• Contact Silver Peak for:

o Problems with instructional videos

• Support during business hours in California

• Response within one business day

Task 1: Familiarization with the lab topology

• All masks are 24 bit.

Addressing requirements table:

Requirement ECV-1 ECV-2 ECV-3 ECV-4 Unity

Task 1: Connect to the ReadyTech lab environment

4. Click Check out

8. Close the window

14. Click on Lab

21. Other Lab Notes:

Task 2: Check to make sure all VMs are deployed.

Task 3: Install Orchestrator

3. Navigate to DesktopLabTGSilverPeakGMS and select the Orchestrator-

11. After the deployment completes, close the dialog box.

List the appliance IP Address here: _________________________________

9. Save the valid Account Name and Account Key.

b. Right-click the window and select Mark.

c. Highlight the temporary account information, then press Enter.

a. Time Zone: US/Pacific

a. Uncheck Enable SSL

15. Configure Orchestrator Backup.

17. A message will appear:

18. Check the portal registration status.

Registered = “Yes” means:

Continue to the next lab.

Task 1: Create Groups

Task 2: Create a new label for a LAN interface.

2. Add a lan label called “Campus”.

Continue to the next lab.

Task 1: Configure a Deployment Profile for a Hub Site

2. Click +Add to create a new profile.

3. Call your Profile “Hub Site”, then click Save.

a. Change the Shaping to 2000 Kbps on wan0 and wan1.

2. Click Save As.

Continue to the next lab.

Task 1: Create a template group

a. Select the Date/Time template. Note: You’ll need to scroll down.

7. Check the checkbox next to Shaper.

Continue to the next lab.