Lab Topology
Given below is the lab topology being used for the SWAT SD-WAN Labs
Note: There might be minor differences in the topology being used versus what you see here. We will keep this updated as far as possible
Decoding the topology:
-
There are a total of 5 sites where we will have cEdges/vEdges deployed
-
All sites have Service VPNs associated with them.
-
Sites with vEdges have 2 service VPNs (VPN10 and VPN20)
-
Sites with cEdges have 3 service VPNs (VPN10, VPN20 and VPN30)
-
-
Some devices have dual uplinks (MPLS and Internet) while others have single uplinks (MPLS only or Internet only)
-
Site DC (Site ID 1) is running OSPF on the LAN. Site 50 is running EIGRP on the LAN
-
Site 20 will have TLOC Extensions set up and we will be peering with the MPLS side via eBGP
-
cEdge40 and cEdge50 will function as AppNav-XE Controllers
Device Credentials
Given below are the access details for some key devices in the network
| Device | Access Method | Username | Password | IP Address/URL |
|---|---|---|---|---|
| vManage | Browser - GUI | admin | admin | 192.168.0.6 |
| vEdges and cEdges | Putty | admin | admin | Various |
| Central Gateway | Putty | admin | admin | 192.168.0.1 |
| Ubuntu - Site 40 PC | vCenter Console | sdwan | C1sco12345 | 10.40.30.21 |
| Ubuntu - Site 50 PC | vCenter Console | sdwan | C1sco12345 | 10.50.10.21 |
| Jumphost | RDP/Guacamole | admin | C1sco12345 | 10.2.1.22X if connected to the GHI DC and 10.1.8.22X if connected to the SJC DC X is your POD number |
| vCenter | Browser - GUI | sdwanpodX X is your POD number e.g. sdwanpod5 |
C1sco12345 | 10.2.1.50 |
| Site 30 AD Domain: swatsdwanlab.com |
RDP/Guacamole | administrator | C1sco12345 | 10.30.10.50 |
| Site 30 PC | RDP/Guacamole | swatsdwanlab\sdwan | C1sco12345 | 10.30.10.21 |
| Cisco Umbrella | Browser - GUI | ghi.pod0X@gmail.com if connected to the GHI DC or slc.pod0X@gmail.com if connected to the SJC DC X is your POD number |
C1sco@12345 | login.umbrella.com |
| Guacamole | Browser - GUI | sdwanpod | C1sco12345 | 10.2.1.20X:8080/guacamole if connected to the GHI DC and 10.1.8.20X if connected to the SJC DC X is your POD number |
| WAAS Central Manager | Browser - GUI | admin | default | 10.100.10.100 |
Network schema
Important: Needless to say, these are super important and the IP Addressing scheme should be followed as enumerated in the lab guide
Use the following table to copy-paste IP Addresses as and when required through the course of the lab. There is a search function which is super handy - search with the name of the VM you are looking for so as to return complete results.
-
If the POD assigned to you is in location SJC
- y (in the table below) is 1
- X is your POD number
-
If the POD assigned to you is in location GHI
- y (in the table below) is 2
- X is your POD number
VM names need to be used accordingly.
| VM TAG FOR IDENTIFICATION ONLY NOT USED IN THE LAB |
SITE ID | SYSTEM ID | VM Name | Network Adapter | Network | Interface | IP | Gateway |
|---|---|---|---|---|---|---|---|---|
| A vManage |
1000 | 10.255.255.1 | sdwan-sjc/ghi-vmanage-podX | Network Adapter 1 | Management | eth1 | 192.168.0.6/24 | 192.168.0.1 |
| A vManage |
Network Adapter 2 | Internet | eth0 | 100.100.100.2/24 | 100.100.100.1 | |||
| B vBond |
10.255.255.2 | sdwan-sjc/ghi-vbond-podX | Network Adapter 1 | Management | eth1 | 192.168.0.7/24 | 192.168.0.1 | |
| B vBond |
Network Adapter 2 | Internet | eth0 | 100.100.100.3/24 | 100.100.100.1 | |||
| C vSmart |
10.255.255.3 | sdwan-sjc/ghi-vsmart-podX | Network Adapter 1 | Management | eth1 | 192.168.0.8/24 | 192.168.0.1 | |
| C vSmart |
Network Adapter 2 | Internet | eth0 | 100.100.100.4/24 | 100.100.100.1 | |||
| D vSmart2 |
10.255.255.4 | sdwan-sjc/ghi-vsmart2-podX | Network Adapter 1 | Management | eth1 | 192.168.0.9/24 | 192.168.0.1 | |
| D vSmart2 |
Network Adapter 2 | Internet | eth0 | 100.100.100.5/24 | 100.100.100.1 | |||
| E DC-vEdge1 |
1 | 10.255.255.11 | DC-vEdge1-podX | Network Adapter 1 | Management | eth0 | 192.168.0.10/24 | 192.168.0.1 |
| E DC-vEdge1 |
Network Adapter 2 | MPLS10 | ge0/1 | 192.0.2.2/30 | 192.0.2.1 | |||
| E DC-vEdge1 |
Network Adapter 3 | SiteDC_VPN10 | ge0/2 | 10.100.10.2/24 | 10.100.10.1 | |||
| E DC-vEdge1 |
Network Adapter 4 | SiteDC-VPN20 | ge0/3 | 10.100.20.2/24 | 10.100.20.1 | |||
| E DC-vEdge1 |
Network Adapter 5 | Internet | ge0/0 | 100.100.100.10/24 | 100.100.100.1 | |||
| F DC-vEdge2 |
10.255.255.12 | DC-vEdge2-podX | Network Adapter 1 | Management | eth0 | 192.168.0.11/24 | 192.168.0.1 | |
| F DC-vEdge2 |
Network Adapter 2 | MPLS11 | ge0/1 | 192.0.2.6/30 | 192.0.2.5 | |||
| F DC-vEdge2 |
Network Adapter 3 | SiteDC_VPN10 | ge0/2 | 10.100.10.3/24 | 10.100.10.1 | |||
| F DC-vEdge2 |
Network Adapter 4 | SiteDC-VPN20 | ge0/3 | 10.100.20.3/24 | 10.100.20.1 | |||
| F DC-vEdge2 |
Network Adapter 5 | Internet | ge0/0 | 100.100.100.11/24 | 100.100.100.1 | |||
| G vEdge20 |
20 | 10.255.255.21 | vEdge20-podX | Network Adapter 1 | Management | eth0 | 192.168.0.20/24 | 192.168.0.1 |
| G vEdge20 |
Network Adapter 2 | TLOCEXT_vEDGE | ge0/1 | 192.168.25.20/24 | ||||
| G vEdge20 |
Network Adapter 3 | Site20-VPN10 | ge0/2 | 10.20.10.2/24 | ||||
| G vEdge20 |
Network Adapter 4 | Site20-VPN20 | ge0/3 | 10.20.20.2/24 | ||||
| G vEdge20 |
Network Adapter 5 | Internet | ge0/0 | 100.100.100.20/24 | 100.100.100.1 | |||
| G vEdge20 |
Network Adapter 6 | TLOCEXT2_vEdge | ge0/4 | 192.168.26.20/24 | ||||
| H vEdge21 |
10.255.255.22 | vEdge21-podX | Network Adapter 1 | Management | eth0 | 192.168.0.21/24 | 192.168.0.1 | |
| H vEdge21 |
Network Adapter 2 | TLOCEXT_vEDGE | ge0/1 | 192.168.25.21/24 | ||||
| H vEdge21 |
Network Adapter 3 | Site20-VPN10 | ge0/2 | 10.20.10.3/24 | ||||
| H vEdge21 |
Network Adapter 4 | Site20-VPN20 | ge0/3 | 10.20.20.3/24 | ||||
| H vEdge21 |
Network Adapter 5 | MPLS20 | ge0/0 | 192.0.2.10/30 | 192.0.2.9 | |||
| H vEdge21 |
Network Adapter 6 | TLOCEXT2_vEdge | ge0/4 | 192.168.26.21/24 | ||||
| I vEdge30 |
30 | 10.255.255.31 | vEdge30-podX | Network Adapter 1 | Management | eth0 | 192.168.0.30/24 | 192.168.0.1 |
| I vEdge30 |
Network Adapter 2 | MPLS30 | ge0/1 | 192.0.2.14/30 | 192.0.2.13 | |||
| I vEdge30 |
Network Adapter 3 | Site30-VPN10 | ge0/2 | 10.30.10.2/24 | ||||
| I vEdge30 |
Network Adapter 4 | Site30-VPN20 | ge0/3 | 10.30.20.2/24 | ||||
| I vEdge30 |
Network Adapter 5 | Internet | ge0/0 | 100.100.100.30/24 | 100.100.100.1 | |||
| J cEdge40 |
40 | 10.255.255.41 | cEdge40-podX | Network Adapter 1 | Management | GigabitEthernet1 | 192.168.0.40/24 | 192.168.0.1 |
| J cEdge40 |
Network Adapter 2 | Internet | GigabitEthernet2 | 100.100.100.40 | 100.100.100.1 | |||
| J cEdge40 |
Network Adapter 3 | MPLS40 | GigabitEthernet3 | 192.1.2.18/30 | 192.1.2.17 | |||
| J cEdge40 |
Network Adapter 4 | Site40-VPN10 | GigabitEthernet4 | 10.40.10.2/24 | ||||
| J cEdge40 |
Network Adapter 5 | Site40-VPN20 | GigabitEthernet5 | 10.40.20.2/24 | ||||
| J cEdge40 |
Network Adapter 6 | Site40-VPN30 | GigabitEthernet6 | 10.40.30.2/24 | ||||
| K cEdge50 |
50 | 10.255.255.51 | cEdge50-podX | Network Adapter 1 | Management | GigabitEthernet1 | 192.168.0.50/24 | 192.168.0.1 |
| K cEdge50 |
Network Adapter 2 | Internet | GigabitEthernet2 | 100.100.100.50/24 | 100.100.100.1 | |||
| K cEdge50 |
Network Adapter 3 | Site50-VPN10 | GigabitEthernet3 | 10.50.10.2/24 | ||||
| K cEdge50 |
Network Adapter 4 | Site50-VPN20 | GigabitEthernet4 | 10.50.20.2/24 | ||||
| K cEdge50 |
Network Adapter 5 | Site50-VPN30 | GigabitEthernet5 | 10.50.30.2/24 | ||||
| L cEdge51 |
10.255.255.52 | cEdge51-podX | Network Adapter 1 | Management | GigabitEthernet1 | 192.168.0.51/24 | 192.168.0.1 | |
| L cEdge51 |
Network Adapter 2 | MPLS50 | GigabitEthernet2 | 192.1.2.22/30 | 192.1.2.21 | |||
| L cEdge51 |
Network Adapter 3 | Site50-VPN10 | GigabitEthernet3 | 10.50.10.3/24 | ||||
| L cEdge51 |
Network Adapter 4 | Site50-VPN20 | GigabitEthernet4 | 10.50.20.3/24 | ||||
| L cEdge51 |
Network Adapter 5 | Site50-VPN30 | GigabitEthernet5 | 10.50.30.3/24 | ||||
| M WAAS Central Manager |
NA | NA | sdwan-sjc/ghi-wcm-podX | Network Adapter 1 | SiteDC_VPN10 | Virtual 1/0 | 10.100.10.100/24 | 10.100.10.2 |
| N WAAS Node Site 40 |
sdwan-sjc/ghi-site40waas-podX | Network Adapter 1 | Site40-VPN10 | Virtual 1/0 | 10.40.10.101/24 | 10.40.10.2 | ||
| O WAAS Node Site 50 |
sdwan-sjc/ghi-site50waas-podX | Network Adapter 1 | Site50-VPN10 | Virtual 1/0 | 10.50.10.101/24 | 10.50.10.2 | ||
| P Central GW |
NA | NA | sdwan-sjc/ghi-gw-podX | Network Adapter 1 | Management | GigabitEthernet1 | 192.168.0.1 | |
| P Central GW |
Network Adapter 2 | WAN-Trunk | GigabitEthernet2 | All DGs point here | ||||
| P Central GW |
Network Adapter 3 | Shared_Services_VLAN101 | GigabitEthernet3 | 10.2.1.24X/24 if connected to the GHI DC and 10.1.8.24X/24 if connected to the SJC DC | 10.2.1.1 if connected to the GHI DC and 10.1.8.1 if connected to the SJC DC | |||
| Q Guacamole |
NA | NA | sdwan-sjc/ghi-guac-podX | Network Adapter 1 | Shared_Services_VLAN101 | eth0 | 10.2.1.20X/24 if connected to the GHI DC and 10.1.8.20X/24 if connected to the SJC DC | 10.2.1.1 if connected to the GHI DC and 10.1.8.1 if connected to the SJC DC |
| R Jumphost |
NA | NA | sdwan-sjc/ghi-jump-podX | Network Adapter 1 | Shared_Services_VLAN101 | eth0 | 10.2.1.22X/24 if connected to the GHI DC and 10.1.8.22X/24 if connected to the SJC DC | 10.2.1.1 if connected to the GHI DC and 10.1.8.1 if connected to the SJC DC |
| S Site 40 PC |
40 | NA | sdwan-sjc/ghi-site40pc-podX | Network Adapter 1 | Site40-VPN30 | eth0 | 10.40.30.21/24 | 10.40.30.2 |
| T Site 50 PC |
50 | NA | sdwan-sjc/ghi-site50pc-podX | Network Adapter 1 | Site50-VPN10 | eth0 | 10.50.10.21/24 | 10.50.10.100 |
| U Site 30 AD |
30 | NA | sdwan-sjc/ghi-ad-podX | Network Adapter 1 | Site30-VPN10 | eth0 | 10.30.10.50/24 | 10.30.10.2 |
| U Site 30 AD |
Network Adapter 2 | Shared_Services_VLAN101 | eth1 | 10.2.1.18X if connected to the GHI DC and 10.1.8.18X if connected to the SJC DC | ||||
| V Site 30 PC |
30 | NA | sdwan-sjc/ghi-site30pc-podX | Network Adapter 1 | Site30-VPN10 | eth0 | 10.30.10.21/24 | 10.30.10.2 |
| V Site 30 PC |
Network Adapter 2 | Shared_Services_VLAN101 | eth1 | 10.2.1.16X if connected to the GHI DC and 10.1.8.16X if connected to the SJC DC | ||||
| W Firewall ASAv |
1 | NA | sdwan-sjc/ghi-asa-podX | Network Adapter 1 | Management | Management0/0 | 192.168.0.50/24 | 192.168.0.1 |
| W Firewall ASAv |
Network Adapter 2 | SiteDC-VPN40 | Gig0/0 | 10.100.40.1/30 | 10.100.40.2 | |||
| W Firewall ASAv |
Network Adapter 3 | SiteDC-VPN40_2 | Gig0/1 | 10.100.40.5/30 | 10.100.40.6 |
Click here to download a printable version of this table, for reference.