Roles
Configuration > Overlays and Security > Security > Roles
This dialog box allows you to define and map roles that are used throughout the EdgeConnect SD-WAN Fabric. For example, you can map a role to a Group Policy Identifier (GPID) from an HPE Aruba Networking CX Switch to facilitate identity (role) awareness between SD-WAN Orchestrator and HPE Aruba Networking CX Switches. After you map a role to a GPID, you can specify the role in match criteria when creating Access Lists and policies in SD-WAN Orchestrator.
You can also use this tab to import roles and GPIDs from a CSV file.
Prerequisites
- This feature is only available for Orchestrator version 9.4.1 and ECOS version 9.4.1.0 and later.
- GPID values and roles must match the GPID values configured on the HPE Aruba Networking CX Switch.
For more information on configuring VXLAN and a VTEP source loopback interface on the EdgeConnect appliance, see VXLAN Tab or VXLAN Template.
Add Roles
Add all the roles that are required for each VXLAN segment. If the VXLAN segment encounters a role that is not defined in Orchestrator, that role is labelled “unknown”.
To add roles:
- Click Add Role. A new row is added to the table.
- Click in the new cell in the Role column, and then enter a name for the role. Role names are case sensitive. You can create up to 254 roles. “0” is reserved for the default role and “65535” is reserved for the unknown default role.
- Press Tab or click in the new cell in the GPID column, and then enter the GPID of the HPE Aruba Networking CX Switch you want to associate this role with.
- Click Save.
You can filter flows and policies by role.
Import CSV
To import roles and GPIDs from a CSV file:
- Click Import CSV.
- Locate and select the CSV file to import, and then click Open. The Roles - Bulk Upload dialog box opens.

| Color | Description |
| --- | --- |
| Green | Indicates a new GPID and role mapping. This role and GPID will be added to the table. |
| Yellow | Indicates a duplicate GPID. The existing role for the GPID will be replaced with the role in the file you are importing. |
| Red | Indicates a duplicate role. The duplicate role will not be added to the table even if the GPID does not match. |

- Review the roles and GPIDs to be imported.
- Click Save to import the file or click Cancel to close the dialog box without making any changes.
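
A pre-import check for a roles CSV, applying the Green/Yellow/Red rules from the Roles - Bulk Upload dialog box. This is an added example, not Orchestrator code. It assumes a two-column role,GPID layout with no header row, rows applied in file order, duplicate roles checked before duplicate GPIDs, and 0 and 65535 treated as reserved GPID values.

```python
import csv
import io

RESERVED_GPIDS = {0, 65535}  # reserved values named on the page, read here as GPIDs (assumption)
MAX_ROLES = 254              # role limit stated on the page

def classify_import(csv_text, existing):
    """Classify each CSV row against the current table (dict: GPID -> role).

    Returns a list of (role, gpid, status) tuples in file order.
    """
    table = dict(existing)           # work on a copy; rows are applied in file order
    results = []
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) < 2:
            continue                 # skip blank or single-column lines
        role, raw = row[0].strip(), row[1].strip()
        if not role or not (raw.isascii() and raw.isdigit()):
            results.append((role, None, "invalid"))
            continue
        gpid = int(raw)
        if gpid in RESERVED_GPIDS:
            status = "reserved"
        elif role in table.values():     # exact match: role names are case sensitive
            status = "red"               # duplicate role, not added
        elif gpid in table:
            status = "yellow"            # duplicate GPID, existing role is replaced
            table[gpid] = role
        elif len(table) >= MAX_ROLES:
            status = "over-limit"        # would exceed the 254-role limit
        else:
            status = "green"             # new GPID and role mapping
            table[gpid] = role
        results.append((role, gpid, status))
    return results

# Constructed sample data, not taken from a real deployment.
EXISTING = {100: "employee", 200: "guest"}
SAMPLE_CSV = """contractor,300
Guest,400
iot,200
employee,500
printer,65535
camera,abc
"""

if __name__ == "__main__":
    for role, gpid, status in classify_import(SAMPLE_CSV, EXISTING):
        print(f"{status:10} role={role!r} gpid={gpid}")
```

Yellow rows deserve the closest review: they change which role an existing GPID maps to, so Access Lists and policies that match on the previous role no longer apply to that GPID.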