Training Video Course

300-415: Implementing Cisco SD-WAN Solutions (ENSDWI)

PDFs and exam guides are not so efficient, right? Prepare for your Cisco examination with our training course. The 300-415 course contains a complete batch of videos that will provide you with profound and thorough knowledge related to Cisco certification exam. Pass the Cisco 300-415 test with flying colors.

Rating
4.42rating
Students
92
Duration
12:31:00 h
$16.49
$14.99

Curriculum for 300-415 Certification Video Course

Name of Video Time
Play Video: Welcome
1. Welcome
1:00
Play Video: CCNP SDWAN + CCNP Certification introduction
2. CCNP SDWAN + CCNP Certification introduction
5:00
Play Video: Exam Topics
3. Exam Topics
6:00
Play Video: SDWAN Architecture
4. SDWAN Architecture
10:00
Play Video: SDWAN Components Controllers
5. SDWAN Components Controllers
8:00
Play Video: SDWAN Data plan Devices
6. SDWAN Data plan Devices
11:00
Play Video: vEdge Features & terminologies used
7. vEdge Features & terminologies used
12:00
Play Video: Transport Locators TLOCs
8. Transport Locators TLOCs
7:00
Play Video: IPSEC Data Plan Security
9. IPSEC Data Plan Security
12:00
Play Video: SDWAN vRoute or Service side vpn Routes
10. SDWAN vRoute or Service side vpn Routes
6:00
Play Video: SDWAN Bidirectional Forwarding Detection BFD
11. SDWAN Bidirectional Forwarding Detection BFD
7:00
Play Video: Distributed Architecture to accommodate high traffic loads
12. Distributed Architecture to accommodate high traffic loads
11:00
Play Video: IOS XE SDWAN Choose your best hardware part 01
13. IOS XE SDWAN Choose your best hardware part 01
7:00
Play Video: IOS XE SDWAN Choose your best hardware part 02
14. IOS XE SDWAN Choose your best hardware part 02
13:00
Name of Video Time
Play Video: 2.1 Describe controller cloud deployment
1. 2.1 Describe controller cloud deployment
15:00
Play Video: Describe Controller on-Prem Deployment
2. Describe Controller on-Prem Deployment
9:00
Play Video: Entire system bringup process includes these steps
3. Entire system bringup process includes these steps
9:00
Play Video: 2.2a Hosting Platform - Hyper-visor
4. 2.2a Hosting Platform - Hyper-visor
4:00
Play Video: System Bring-up Demo Labs
5. System Bring-up Demo Labs
10:00
Play Video: Series of Viptela Bring-up theory followed by Labs
6. Series of Viptela Bring-up theory followed by Labs
9:00
Play Video: Controllers System wide Configuration
7. Controllers System wide Configuration
8:00
Play Video: vManage VPN & Static Route Configuration
8. vManage VPN & Static Route Configuration
7:00
Play Video: vSmart & vBond VPN & Static Route Configuration
9. vSmart & vBond VPN & Static Route Configuration
7:00
Play Video: Add Controllers to vManage Dashboard
10. Add Controllers to vManage Dashboard
5:00
Play Video: Add CSR to Root CA Server
11. Add CSR to Root CA Server
7:00
Play Video: Permanent certificates & install certificates to controllers
12. Permanent certificates & install certificates to controllers
10:00
Play Video: 2.2c Scalability & Redundancy
13. 2.2c Scalability & Redundancy
15:00
Play Video: 2.3 Configure & Verify Certificates & White-listing
14. 2.3 Configure & Verify Certificates & White-listing
4:00
Play Video: 2.4 Troubleshoot control-plane connectivity between controllers
15. 2.4 Troubleshoot control-plane connectivity between controllers
19:00
Name of Video Time
Play Video: 3.0 Router Deployment
1. 3.0 Router Deployment
10:00
Play Video: vManage Dashboard 01
2. vManage Dashboard 01
8:00
Play Video: vManage Dashboard 02
3. vManage Dashboard 02
12:00
Play Video: Zero Touch Provisioning ZTP Theory
4. Zero Touch Provisioning ZTP Theory
7:00
Play Video: ZTP Lab
5. ZTP Lab
10:00
Play Video: WAN Edge On-boarding
6. WAN Edge On-boarding
10:00
Play Video: Device Configuration Starts from here
7. Device Configuration Starts from here
1:00
Play Video: Lap Topology
8. Lap Topology
8:00
Play Video: Device Configuration via vManage
9. Device Configuration via vManage
11:00
Play Video: What are Device Configuration Template
10. What are Device Configuration Template
9:00
Play Video: Feature Template Creation Part01
11. Feature Template Creation Part01
8:00
Play Video: Feature Template Creation Part02
12. Feature Template Creation Part02
17:00
Play Video: Apply Feature Template
13. Apply Feature Template
9:00
Play Video: CLI Template with Variables
14. CLI Template with Variables
10:00
Play Video: Template Creation Planning
15. Template Creation Planning
3:00
Play Video: OMP TLOC Begins Here ..
16. OMP TLOC Begins Here ..
1:00
Play Video: Verification Commands
17. Verification Commands
15:00
Play Video: what is OMP ?
18. what is OMP ?
7:00
Play Video: OMP Route Types
19. OMP Route Types
7:00
Play Video: OMP Routes Verification
20. OMP Routes Verification
9:00
Play Video: OMP & TLOC Attributes
21. OMP & TLOC Attributes
6:00
Play Video: OMP Best Path Selection
22. OMP Best Path Selection
6:00
Play Video: OMP Route Redistribution
23. OMP Route Redistribution
5:00
Play Video: TLOC-Extension Theory
24. TLOC-Extension Theory
11:00
Play Video: TLOC Extension Lab
25. TLOC Extension Lab
4:00
Play Video: VRRP OSPF BGP Begins
26. VRRP OSPF BGP Begins
1:00
Play Video: VRRP Theory
27. VRRP Theory
7:00
Play Video: VRRP Configuration
28. VRRP Configuration
10:00
Play Video: VRRP Verification
29. VRRP Verification
9:00
Play Video: OSPF Part 01
30. OSPF Part 01
16:00
Play Video: OSPF Part 02
31. OSPF Part 02
9:00
Play Video: BGP Configuration & Verification
32. BGP Configuration & Verification
27:00
Play Video: BGP Verification
33. BGP Verification
4:00
Name of Video Time
Play Video: SDWAN Policy Section
1. SDWAN Policy Section
4:00
Play Video: vSmart Policy Overview
2. vSmart Policy Overview
10:00
Play Video: vSmart Policy Overview vSmart Policy Architecture Components
3. vSmart Policy Overview vSmart Policy Architecture Components
8:00
Play Video: Use Control Policy to Block subnet
4. Use Control Policy to Block subnet
12:00
Play Video: vSmart Policy Execution & Revision
5. vSmart Policy Execution & Revision
8:00
Play Video: Hub & Spoke Control Policy
6. Hub & Spoke Control Policy
15:00
Play Video: Multi-topology Control Policy Configuration
7. Multi-topology Control Policy Configuration
19:00
Play Video: Multi-topology Control Policy Verification
8. Multi-topology Control Policy Verification
3:00
Play Video: App-Aware Routing & Direct Internet Access Begins
9. App-Aware Routing & Direct Internet Access Begins
2:00
Play Video: App Aware Routing Basic Introduction
10. App Aware Routing Basic Introduction
7:00
Play Video: App Aware Routing BFD SLA Class
11. App Aware Routing BFD SLA Class
7:00
Play Video: app aware routing policy configuration 01
12. app aware routing policy configuration 01
4:00
Play Video: app aware routing policy configuration 02
13. app aware routing policy configuration 02
6:00
Play Video: app aware routing policy implementation 01
14. app aware routing policy implementation 01
10:00
Play Video: app aware routing policy implementation 02
15. app aware routing policy implementation 02
8:00
Play Video: app aware routing policy Verification
16. app aware routing policy Verification
11:00
Play Video: SDWAN DIA Design Options
17. SDWAN DIA Design Options
5:00
Play Video: Design – Cisco SD-WAN Direct Internet Access Design Components and Consideration
18. Design – Cisco SD-WAN Direct Internet Access Design Components and Consideration
6:00
Play Video: centralized data policy and NAT DIA route to deploy DIA
19. centralized data policy and NAT DIA route to deploy DIA
7:00
Play Video: Remote site DIA exit Design Considerations
20. Remote site DIA exit Design Considerations
7:00
Play Video: SD-WAN Dual-Router Hybrid Remote-Site Design
21. SD-WAN Dual-Router Hybrid Remote-Site Design
4:00
Play Video: SD-WAN Single-Router Dual Internet Remote-Site Design
22. SD-WAN Single-Router Dual Internet Remote-Site Design
4:00
Play Video: SD-WAN Dual-Router Dual Internet Remote-Site Design
23. SD-WAN Dual-Router Dual Internet Remote-Site Design
3:00
Play Video: Deploy - Cisco SD-WAN Direct Internet Access Configuration
24. Deploy - Cisco SD-WAN Direct Internet Access Configuration
12:00
Play Video: Deploy - Cisco SD-WAN DIA Lab
25. Deploy - Cisco SD-WAN DIA Lab
13:00
Play Video: Copy Edit Existing Policy & Basic Verification commands
26. Copy Edit Existing Policy & Basic Verification commands
8:00
Play Video: Create NAT DIA Route to Redirect Guest Internet Lab
27. Create NAT DIA Route to Redirect Guest Internet Lab
7:00

Cisco CCNP Enterprise 300-415 Exam Dumps, Practice Test Questions

100% Latest & Updated Cisco CCNP Enterprise 300-415 Practice Test Questions, Exam Dumps & Verified Answers!
30 Days Free Updates, Instant Download!

Cisco 300-415 Premium Bundle
$69.97
$49.99

300-415 Premium Bundle

  • Premium File: 398 Questions & Answers. Last update: Mar 13, 2024
  • Training Course: 112 Video Lectures
  • Study Guide: 874 Pages
  • Latest Questions
  • 100% Accurate Answers
  • Fast Exam Updates

300-415 Premium Bundle

Cisco 300-415 Premium Bundle
  • Premium File: 398 Questions & Answers. Last update: Mar 13, 2024
  • Training Course: 112 Video Lectures
  • Study Guide: 874 Pages
  • Latest Questions
  • 100% Accurate Answers
  • Fast Exam Updates
$69.97
$49.99

Free 300-415 Exam Questions & 300-415 Dumps

File Name Size Votes
File Name
cisco.testkings.300-415.v2024-02-18.by.luke.97q.vce
Size
4.03 MB
Votes
1
File Name
cisco.test-inside.300-415.v2021-08-17.by.ahmed.85q.vce
Size
1.45 MB
Votes
1
File Name
cisco.pass4sure.300-415.v2021-04-26.by.isabella.67q.vce
Size
1.19 MB
Votes
2
File Name
cisco.pass4sure.300-415.v2021-01-19.by.lily.55q.vce
Size
578.28 KB
Votes
2

Cisco 300-415 Training Course

Want verified and proven knowledge for Implementing Cisco SD-WAN Solutions (ENSDWI)? Believe it's easy when you have ExamSnap's Implementing Cisco SD-WAN Solutions (ENSDWI) certification video training course by your side which along with our Cisco 300-415 Exam Dumps & Practice Test questions provide a complete solution to pass your exam Read More.

Controller Deployment

13. 2.2c Scalability & Redundancy

In this session we are going to discuss scalability and the redundancy factor. How can we make these controllers scalable and redundant? Now in the diagram you can see that the V bond can have a single V bond can hold up to 15 900 connections and for their redundancy we are providing the FQDN. So multiple IPS are pointed towards the FQDN or the DNS. So, suppose one or both of the V bonds are down, and these Vedge devices or van edge devices are pointing to a group of IP addresses that is the DNS. To get to the Vsmart, we know that between the V Edge and the Vsmart, we have OMPsession running and the optimization option. So how many max control connections do I need per VPN interface that we can limit? And here you can see in the diagram the 5400 connections that a Vsmart can hold. Similarly, when we manage, the Vanish can hold up to 2000 Vs devices. And it is recommended that you have a cluster of three. We obviously manage within a single cluster. All right, so what are the robust design options we have in the STEVA fabric? Obviously, you should create or implement redundancy in the data plane, control plane, and even the ISP link. So we have one very nice diagram. From there, you can understand how to figure out how much redundancy is there and how we can provide the redundancy.

Now we can have redundancy in terms of devices, we can have redundancy in terms of links, we can have redundancy in terms of sites as well. So here you can see that we have site redundancy. You can use VRP. You can use protocol-based redundancy. If one link is down, the other link is up, and from that protocol convergence you can go by the other side as well. As with VRP, you have to be active and stand by your peers. If one is down, it will automatically fall back to the other side. You can now see that you have a hidden redundancy. You have a primary and secondary data center at DCDR. If one data center is down, until you have the backup data center, we may have redundancy in terms of transport as well. And for high redundancy or ability, we are using the T lock extension or transport locator extension as well. Finally, we have a good level of redundancy in terms of all control components or all controllers component. So later we will see how we are achieving redundancy in terms of via smart, in terms of V manage, and in terms of V wand as well.

Now in terms of data plane devices here, you can see that you have redundancy and high ability. You are tracking the tunnels with respect to BFT. You have an IGP inside an IGP. Obviously, if you have multiple devices, you have multiple IGP neighbors. If one neighbor goes down, the protocol will failover to the other neighbor. You have VRP, we have OMP, and with the help of OMP, obviously my control planes or my control plane devices are OMP. Peter and my Vs devices can go and connect. They have the option to go and connect with multiple peers. Now in terms of the control plane, what support do we have? We know that the functionality of Vs Smart, the VsSmart and the V-Edge devices are actually Ompp. The OmpA relationship exists between this and Smart One and Smart Two. Now we know that the usability of this control device means that they are syncing the routing information, exchanging the keys, sending policy information, et cetera, to all the devices spread across the globe and spread across the fabric.

Then we have the V-bond orchestrator that is used to securely bring up the fabric. So not only are they keeping track of who is joining the fabric, but who is leaving the fabric as well. Now with respect to what we want, we are smart and we manage. What are the redundancy options we have? So let's discuss that as well. We know at this point of time that with respect to the V bond that can be acted upon. So what we can do is create a DNS and multiple IPs. So, for example, one up to 1115, suppose you have five V-ones. All these five V-ones can be glued together with the DNS or the URL. So all the edge devices or all the devices in the system, while we are doing the system wide configuration, we can go and put the URL and street address of the IP. So that's the reason here.

You can see that we are specifying the DNS name to provide the redundancy in the V bond. Now what about the van? If we manage, we should create the cluster or all the V manages, which will be part of a cluster fabric. The important thing here is that since the vanage is a cluster, what are the key components we have inside the vanage we manage? Now the key component you have to manage is the application server. Think about Cisco's ice identity service. What is happening? Whenever you are logging on to the Cisco Ice, you are logging on to the administration node, correct? That is the pan. That means you are logging in to the front end. Likewise, whenever you are logging in to view manage, what you are seeing is the dashboard, correct? And this dashboard is nothing but a front-end term for an application server where you can see the snapshot or where you can see the summary of all the components that are there in the Vipela fabric, right? As a result, whenever we log in, we are logged in within the application server. Apart from that thing where they will store the configuration.

So for that reason, we have the configurational database. Then where will they go and store the network configuration system? For that, we have the network configuration system. All the configurations will be stored there, where they are going to store the static information. For that, we have the statical information for all the components throughout the fabric, and to do the communication across the management via the messages. The configuration database and the statical database are two of the databases available here. We should not run more than three iterations of these two databases. But for all the devices, the application server means all the devices, which means, if I have six, we manage them inside a cluster. So for all the six we manage inside the cluster, you should have six application servers. You should have said, for example, the messaging bus for everyone. You should have a network configuration system. But you can't run more than three iterations of the static database and the configuration database. So that's the limit. You will see in the upcoming slide the same notes. Now here you can see, if I am creating a cluster of two, we manage users where they will log in. They will log into the front end.

This is the front end, and what is the backend configuration database statical database? They are the back end. So you're logging in to the front end, and they are pointed towards the back end, where you have the actual database system. Where you have the actual database, the front and back end together will form the cluster. And here you can see that multiple demons are running from demon one to eight. And then you have your database backed up. In this way, you can cluster the things we manage. All right. So let me quickly show you a few more slides related to how we managed design. We managed design. They should not be here. You can see the point number within a clustermaximum of three instances of a configuration database and three instances of a static database can run. Note, however, that any individual we manage, for instance, can run one or none of these two databases, et cetera. So these are the important points I already covered. Then finally, what about the VSS redundancy? How are we achieving Vs Smart redundancy? Now I'm going to draw here and want to explain here in the diagram what you can do that for via Smart. Suppose you have DC One. Suppose you have DC Two.

You group the number of viaSmarts inside the data center. Assume I have two Via Smart in one data centre and two Vs Smart or possibly three Via Smart in the other. This can be referred to as Group Ten. This can be referred to as group 20. Now they must figure out how to make the control connection. Suppose you have a branch in each of the east and west. So what you can do is that you may have to control the connection. One control connection is going to group ten. That control connection will be primary. And then you have the secondary backup standby primary and standby control connection. Likewise, for the branch Invest, they have the primary connection with the group. Of these, Vs. Martin's idea is 20. Then you can have a backup connection with ten. So in this way, you can have the High Availability.

Not only that, you have V. Smart in the group. So you have V. Smart in a group. But you can optimise the optimization of the number of control connections. Remember, suppose you have 3000 servers. For example, you have a 9000 V edge. And suppose you have six V Smarts. So you don't want to manage nine into six, maybe 54,000 control connections. Okay? This calculation is big. Maybe you don't have the infrastructure to support 9000 VHS in the infrastructure. Suppose, for example, you have 1000 VHand you have three Vs Smart. Still, in this case, you are going to manage 3000 control connections, and that's a huge number, and we don't want that. So you can optimise this. Let me quickly give you the mathematical calculation so it will become easy. Assume we can achieve the high ability and redundancy I have in my group through smart. Let me draw like this. It looks good. Actually, suppose I have two ViaSmart here in a group of ten. And what I will do, I'll have only one via Smart other sites.

Suppose, for example, this other Via Smart ingroup number 20 and I have spread it. Assume that the total number of VHS is $1,000. Now, how can I optimise the connection? You can see here that, say for 500 of the Vij,this is the primary link and this is the standby second. So by default, how many control connections will you manage? 1000 into three means 3000 but after the optimization, let me write 3000 here. 3000 but after the optimization, you will see. So, 500 into only two connections, that is 1000. And again, suppose we have 500 here, leave this box 500 here, and you have a one-control connection and that is primary. And then you have a secondary control connection. So take it again, 502, a thousand times. And you're managing a Suppose 2000 control connection with primary and secondary with something called "High Availability and Redundancy," correct? So simply, you can see that you are reducing the number of control connections. We can even do further optimization. Even if we can reduce the number of control connections, there are ways that we can reduce it. We can do max control connection as well. So, this is the way you should group the Via Smart. And then you should optimize the number of control connections. Not only should you optimize the number of control connections, we should optimize the number of data plane or IPC connections as well.

14. 2.3 Configure & Verify Certificates & White-listing

Section two, dot three, discusses how to configure, verify, and whitelist certificates. So let's understand this certificate process. And in the upcoming section, we'll see how we can do the troubleshooting related to certificates. How can we verify or can we do the verification related to the certificate? We know that all the control plane devices are forming secure DTLs or TLS connections. And another thing we know is that my V bond will form DTLs TL and we manage and Vsmart can form DTLs TL. So here you can see the control connection, maybe TLS, maybe DTLs. We are using PKI 248 bit keys. And then we have an advanced encryption standard of 256 bits.

So actually, that is almost uncrackable. It's actually not possible to crack AES 256 bits of encryption. Now, here you can see the authentication process. I already told you that Bond will go and check the serial number and chassis ID. And the software boxes don't have chassis ID. So he will go and check the valid serial number. They are checking the organisation name while we manage and smart. And here you have two-way authentication, which means authentication will happen and then they will form the permanent DTL connection. So the connection will be permanent here. Now what about the case of edge devices? We have discussed the fact that edge devices are coming with Tam or TPM chips. So we have tested the platform model chip. Inside this chip, we can see the TPM chip. Those are preloaded with the certificates. And whenever you bring up or try to bring up the data plan device, then they will do the automatic certification process. They pass that process. In that process, what is happening is that first of all, they should authenticate with V Bond. So here again, you can see that V Bondwill check the valid serial number and chassis ID. And the edge boxes, or edge devices.

They will check the organization name of V bond. At this point of time, they will form transient connections or temporary DTLs connection. V Bond will provide the Vsmart while we manage IP to the edge. Now, what will happen is that the same process will happen again from V Edge to via smart. So let me show you the next slide. So again, the same thing that we manage the Vsmart will check related to the edge device. Here you can see that we are smart and we manage. They are checking the serial number and the chassis ID of the edge device. The edge device is checking the.ORG name. You can now see the significance of the.org domain name we discussed earlier. Now, once they do two-way authentication, they will form the permanent DTL RTLS tunnel. And the temporary tunnel will be tied down. It will be broken. This is the certification process. Once you have the complete certification process, then you can go and verify, for example, through control connection, and you can see which is the protocol, which is the system, IP, site ID, private IP, public IP, etc. So what if we do that? In the next section, we have the troubleshooting control plane connectivity between the controllers in this section. We'll go ahead and do all the verification steps.

15. 2.4 Troubleshoot control-plane connectivity between controllers

This session is going to be a little bit bigger than the other sessions because we are going to discuss and troubleshoot control plane connectivity between the controllers. So at this point in time, we know that if you are troubleshooting control connection or if you are troubleshooting control, what are the key parameters that you need to check? So first of all, we should go and verify whether we have proper system-wide configuration or not. So we should verify that. Let me write down all the things that we should check. So first of all, I will go and check the system wide configuration. You should go and check the system wide configuration, and then you should go and check the VPN Zero. That is the TL configuration as well. As a result, TL configuration should be system-wide.

We know if we are dealing with the certificates, we should have the proper organisation name or the most common organisation name for all the controllers. When we are checking about VPN zero, we should have IP reachability. You should reach out to all the controllers and correct these things we have discussed. Again, it is critical that you have visibility to the rebound in your orchestrator; otherwise, things will not connect. All right, so let's see at what point in time my controllers are stuck in. We have one lab where we manage to be smart and to be bond. We are facing some issues with one of the Vsmart. For example, via Smart Two, Smart Two is not able to form the control connection. So we have to go log into Vsmart and check all these things that just now we have discussed, like system wide configuration, the VPN configuration, et cetera. And then we have to figure out how to resolve that issue.

Before that, I will log into the V manager, that's the main management plane device we have, and from there, first of all, we will learn the necessaryCLI commands, even though everything is possible from the web manager GUI as well. And in the upcoming session, we are going to learn more and more about the GUI. We are expected to understand and be able to do everything from the V manage dashboard. However, we know that troubleshooting is easier with the CLI. If you want to do fast and quick troubleshooting, you should go and log into the CLI, and you can check the front end and back end. Now what is the front end and back end? We'll discuss that the front end is your CLI and the backend is your Linux-based operating system. So suppose I'm inside the Vmanage and if I go here and type VShell, we'll go to the Bash shell. Here I can go and type the present working directory. So we are at home and admin, correct? So we have the front end and we think that we have the back end as well.

Let me quickly show you the important command. You should go and check the Show control connection. And once you're checking the showcontrol connection, you can see here that these control connections let me remove the V edge. At the moment, we haven't studied much about the V-edge devices. So I'll do one thing. Let's focus only on the controllers. Now here you can see that we have the control connection with the controllers. So here you can see the controller name via Smart. Bond. V. Bond. Again, V. Bond and V. Bond. So I can see that we're attempting to build a four-connection with vault. But the problem here is that two of the connections they are using are zero. That's nothing but a null system IP. That means there is some problem. You should not see zero as the VM attempted to connect to any of the controllers, and they should not use null IP. Null IP means simply that at this point of time, we manage to try to form or establish a permanent connection with V Bond and start with null IP. But here we can see that we have a permanent connection and we can even see the duration as well, even for a null IP. So you can see that you have the duration. So we will go and examine this.

You can go to the Show control connection and check the history. You can see that, first of all, you have the legends and what type of areas you have. You can see, for example, ACS, that is a challenge rejected by peers. So you have the longer form and then the shorter form is there. So, for example, we have T-lock disabled. So you can see D is T lockduplicate client. Hello, DUP se duplicate serial number. Now these are the legends. If I scroll down, you can see when we manage to have problems with connection or communication with what we want. So here you can see that DC is failing DC. This is something like a DTL connection failure. It is saying that you have a DTL connection failure. If I scroll up, you can see the connection failure. You'll find somewhere starting with DC DTLs connection failure. And that's why we have this null IP connection. Here you can see the error is nowhere. At the moment, it is showing nowhere. But we should have some IP here. It should not form the connection with correct.Now what are the other things we have with the control connection? Here you can see that you can go and check the connection history, local properties, and the stats summary valid via Smart and same list. Actually, we manage to have It will be provided via Smart and Vibe on the same list.

You should go and check the other devices as well, or the other controllers as well. So this is the first thing. The second thing is that we can go and check the certificate with certificate software. You can go and check the install certificate root CS, certserial Signing Request umbrella root CA validity, and we manageroot CSR, so we should go and check the validity. It is valid and it will be valid till this point of time. And suppose your certificate is not valid, obviously you'll find the errors related to certificates and their validity, and basically we are looking for the control plane connectivity troubleshooting, and if your certificate has expired, obviously that connectivity will tear down, correct? So this is also an interesting thing that you should check out. Apart from that, you can go and check the certificate install and here you will get the summary of almost everything. So here you can go and check your certificate details: where you got this certificate, what is the subject, what is the expiry, what is the serial number on that? Who is the organisation that is providing the certificate?

Is that everything you'll get from here? So this is one of the handy things and if you go and check what the handy commands are, we have certificates installed, validity, valid edge, serial control connection, historycontrol connection, and one of the nice commands we have is the show control connection. Let me show you that is the local properties. So, if you go to the local properties, you'll find that it will tell you most of these things, and if you're very specific, you'll also get everything you need from this output. Okay, so we should go and first of all, we should check the show run and then the system. So you will get the system wide configuration and then, ideally, you should go and check your interface description. So you should show the interface description. You should understand that your It zero is up or not, which means your VPN or the channel interface is up or down, and if you want to check the entire configuration, you can always go and check store and VPN zero. And here you can see that you are pointed towards this gateway. If you have a static route towards that gateway, it should be up and running. OK, here you can see that we have the vault as a URL and what are the IP addresses which are glued to this particular URL?

So now again, if I go and check showcontrol connection because we want to validate the controlplane connections, let me quickly filter it. Still, we can see that two of the connections they tried to build have some issues correcting and in this connection, as you can see earlier, they will find the connection with the system IP. Now let's go back and check this inside the Vs smart. I can see even in Vs smart we have so many null IPS, which means there is some CS issue going on. If I go to via Smart too, and if I type show control connection, nothing is there, so that means there is some problem. What we can do is go and check the SOCONTROL connection and the history. What is the error? You can see we actually have two issues here. One is the disable DLOCK t lock is not working properly. The second thing is DTL connection failure Okay, now what we can do is that we know that we have the Bashill and we can go and check the log, so what can you do? You can go to the where log and VISIS log here. You can go and check what exactly is going on behind the scenes. So what we can do at this point of time is that whatever log that is coming I can copy and paste with a certain time duration.

So, suppose for example, today is March 3, so I'll go and check the log with March 3 and then I'll try to figure out exactly what is happening. Although you can see from the log that it is happening This is a big log message. Let me try to see when March 3 starts. We are in the March 2 event. We can filter this also with the help of some Linux commands, so let me copy from here I'm copying all the issues that are starting with March 3. I can go and paste them to the notepad, so we can go and read them. What it is telling at this point of time is that some issue happened. You can see system loggingchange severity. Some issues are happening with the userID, which is the system IP. So here it is telling you that they are able to reach the V bond or not. I can see control no activeV bond. It is telling that this guy is not able to reach the VBA and because he's not able to reach the orchestrator, he can't do any of the things. If I drill down the log messages, it will tell you all the important things that are happening. So here it is telling you that peering with the system IP zero with one of the branch size devices like that, so it is trying to peer out everything evenif you go and read it slowly. You'll find that they go on and stuck in the initial state.

They try to establish the OMP session from Vsmart to the different types of VH and the other Vsmart devices, but they have some issues related to OMP. Even if you go and check if there is any other issue related to system wide configuration, you can see that so many systems are there system related stuff. Those are there that we can go and check system issues. If something happened with the system wide configuration, it will go and throw you some errors, so let's go and try to figure out from the configuration and from here how we can proceed here If I go and check the system, I can see that the system wide configuration is clearly not correct, so what should I do here? Let me try to enable the log over the screen, so monitor start is the command. It's not recommended in production just for showing you or for demo purposes. I'm showing here so I can start the log message over the monitor and then we can go and change the systemwide configuration so the vault IP should be reborn Cisco.com They can go and commit now at the moment they are able to reach V bond. Let's see if they are able to find the V one and track the connection. Now it is telling me that the connection is on and what can I do? I can go and check view control connections. Let me go and check show control connection. See the connection is not there.

If I go and check show certificate installed, the certificate is not installed. So you can check further. If you check the organisation name, this organisation name is also not correct. Because if you cross reference system and the organisation name, you can see this should be the organisation name right? So let's go ahead and fix the organisation name as well here. I can go here and I can try to fix the organisation name, but I should go to the system and then I should do this system organisation name and then I can go and give, for example, SD organisation name, let me give the same, because see, if the organisation name is incorrect, that means your certificate will not work and now at the moment, I put that you can see that the organisation name we have put in the tracker has been started. The new organisation name is We have done the commit of the command. If you go back and check the running system, you will see the changes are there.

If I go and check the show certificate installed, it is still down because the certificate installation is down. The control connection is also down. Okay, so we have fixed the issue, but you have seen now that they will not come back because we need to kick off the process. What is the process? We know that from the CSR from the certificate signing request it will go and generate the pin that as per our manual certification process, we have seen. But suppose you have an automatic certification process, so you can generate the CSR and all the configuration is correct, it should work. Okay, All right, so these are the steps and these are the major things that we should do about the certificate validity and the control connection. What are the things that you can go and check? You can see that you can go and check the log. You should check the configuration. You should check the VPN configuration. You should check the system wide configuration. We want proper resolution and the organisation name. These are the key things related to the troubleshooting steps beneath the controllers.

Prepared by Top Experts, the top IT Trainers ensure that when it comes to your IT exam prep and you can count on ExamSnap Implementing Cisco SD-WAN Solutions (ENSDWI) certification video training course that goes in line with the corresponding Cisco 300-415 exam dumps, study guide, and practice test questions & answers.

Comments (10)

Add Comment

Please post your comments about 300-415 Exams. Don't share your email address asking for 300-415 braindumps or 300-415 exam pdf files.

  • Ali Khaled
  • Australia
  • Feb 11, 2024

It’s easy to see why this course is so successful – I had great difficulty learning the course material in other certification fields, but this CCNP course really is something amazing. I learned so much and finally got another certification to add to my resume!

  • Steve
  • United States
  • Feb 04, 2024

By taking this course, I was able to get over my anxieties and fully understand what was necessary to complete the CCNP course. Now I have the certification I’ve wanted for years and I’m getting compensated higher because of it

  • Freda
  • Japan
  • Jan 26, 2024

I’ve been in the IT business for years and one of the things I’ve learned the most is how utterly applicable certifications are and the usefulness of them. This course was absolutely essential in helping me through my career.

  • Rajat
  • Romania
  • Jan 12, 2024

Being able to finally find an online course that I’ve been able to apply to building my future has been a dream come true. This course made learning the CCNP T-Shoot program as easy as possible and my future has been brighter ever since.

  • Alonso
  • Puerto Rico
  • Jan 05, 2024

This class is great! I’ve learned so much and struggled for so long, but in the end I’ve finally been afforded the career I’ve wanted most. This is absolutely amazing.

  • Mike Houston
  • Netherlands
  • Dec 28, 2023

It’s amazing that this class is so thorough and professional. I’ve been applying everything I’ve learned in this class in my career on a daily basis and I’m astounded by how applicable it is.

  • Gadaze
  • Belgium
  • Dec 17, 2023

Never before have I had the power to demand my own salary and job expectations, but after years of working low-level IT jobs, I’ve finally been able to distinguish myself from the pack.

  • Zamir
  • France
  • Dec 10, 2023

Easily one of the best classes I’ve taken and I’m extremely glad I did it. Because of this course, I’m well on my way of earning as much as I’ve wanted to my entire life. This course has been the keystone in solidifying my future.

  • Peter Fonseca
  • Ireland
  • Dec 01, 2023

It’s not every day that you get the opportunity to take an online course as comprehensive and amazing as this one. I absolutely loved this course and learned so much!

  • Arthi
  • United Kingdom
  • Nov 19, 2023

I never imagined the kind of life I could have if I really applied myself, but by taking this online course and working harder than I ever have, I’ve almost doubled my salary. This certification is no joke and it has done my career wonders.

Add Comment

Purchase Individually

300-415  Premium File
300-415
Premium File
398 Q&A
$43.99 $39.99
300-415  Training Course
300-415
Training Course
112 Lectures
$16.49 $14.99
300-415  Study Guide
300-415
Study Guide
874 Pages
$16.49 $14.99

Only Registered Members can View Training Courses

Please fill out your email address below in order to view Training Courses. Registration is Free and Easy, You Simply need to provide an email address.

  • Trusted by 1.2M IT Certification Candidates Every Month
  • Hundreds Hours of Videos
  • Instant download After Registration

Already Member? Click here to Login

A confirmation link will be sent to this email address to verify your login

UP

LIMITED OFFER: GET 30% Discount

This is ONE TIME OFFER

ExamSnap Discount Offer
Enter Your Email Address to Receive Your 30% Discount Code

A confirmation link will be sent to this email address to verify your login. *We value your privacy. We will not rent or sell your email address.

Download Free Demo of VCE Exam Simulator

Experience Avanset VCE Exam Simulator for yourself.

Simply submit your e-mail address below to get started with our interactive software demo of your free trial.

Free Demo Limits: In the demo version you will be able to access only first 5 questions from exam.