Replace an EdgeConnect Appliance
CAUTION All methods of replacing an appliance are service affecting. Ensure that you follow all standard organizational change control procedures.
You can replace an EdgeConnect appliance using Orchestrator’s RMA Wizard or the Backup/Restore process. The method you use depends on the Orchestrator and ECOS versions in use and whether or not the appliances being swapped are the same make and model.
NOTE Starting with Orchestrator v9, you can replace a physical appliance with a virtual appliance, and vice versa.
Prerequisites
- Orchestrator must be version 8.4 or higher.
- The appliances being swapped must be the same make and model or – at a minimum – have the same interface configuration.
Use the following flowchart to help decide which method to use for replacing an EdgeConnect appliance.
RMA Wizard
The RMA Wizard transfers the configuration of the old appliance to the new appliance and maintains existing Orchestrator configurations, such as tunnel exceptions. You can use the RMA Wizard in either of the following scenarios:
- The old and new appliance are the same make and model (EC-XS for EC-XS).
- The old and new appliances are using the same interface configuration, Orchestrator is at least 9.0.3, and appliances are running ECOS 8.1.9.12+, 8.3.1.0+, or 9.0.0.0+.
NOTE To perform this procedure, the new appliance must be discovered in Orchestrator, reachable, and ready to approve.
-
If reachable, create a backup of the current appliance. Click Orchestrator, and then click Backup Now.
WARNING Do not approve the new appliance or delete the old appliance.
-
If the appliance to be replaced is at a site with BGP/OSPF, shut down BGP/OSPF from the core to prevent routes from being propagated until the last step.
-
If replacing a VRRP site, change the working EdgeConnect’s priority to a higher number so it remains the active VRRP for the duration of the swap process.
-
From the tree view in Orchestrator, select only the appliance you want to replace.
-
To run the RMA Wizard, click Support, and then click RMA.
-
On the first screen of the RMA Wizard, enter the name of the new appliance in the New Appliance field.
NOTE The new appliance must be discovered by the Orchestrator, but not approved.
-
Click Next.
-
Select the backup file you want to use for the new appliance.
-
In the Upgrade Software Version to dropdown list, select the software version for the new appliance.
-
Click Apply. The Orchestrator fully swaps out the two appliances.
-
Verify that all configurations for the new appliance have been restored.
-
To verify routes, click Configuration, and then click Routes. On the Routes page, click SD-WAN Fabric and verify the routes.
-
(Optional) Turn up BGP or appropriately set VRRP priorities.
-
Verify all routes and routing.
Backup/Restore Process
CAUTION Before starting this procedure, check appliance interface configurations carefully. Using different WAN port types, such as WAN0 on the old appliance and TWAN0 on the new appliance, could produce a configuration error.
The backup/restore process transfers the appliance configuration, but it does not account for Orchestrator configurations such as tunnel exceptions, Business Intent Overlays (BIOs), templates, and site names.
Use this procedure if the appliances are not the same make and model and Orchestrator/ECOS versions are earlier than v9.
WARNING Do not delete the old appliance.
-
From the tree view in Orchestrator, select only the appliance to replace.
-
Click Configuration, and then click Interfaces.
-
Create a capture of the Interfaces page for reference.
-
If reachable, create a backup of the current appliance. Click Orchestrator, and then click Backup Now.
-
Swap the appliances (physical or virtual). Be sure to match each old appliance interface with the new.
-
If upgrading an appliance to a larger appliance, this might mean going from WAN0 to TWAN0.
-
You must manually enter the new interface information on the Deployment tab.
-
-
Click Configuration, and then click Templates.
-
Verify and note the templates that are currently applied to the appliance, because you will apply the same templates to the new appliance.
-
Approve the new appliance.
-
Click Configuration, and then click Configuration Wizard.
-
Upgrade to the proper version to match existing appliances.
-
At this time, you only need a temporary hostname, password, and site name. If the site being replaced has two EdgeConnect appliances, make sure the site name matches the other appliance.
-
Skip the Deployment, Loopback, and Local Routes pages.
-
Apply only the default template to the appliance.
-
-
If the appliance you are replacing is at a site with BGP/OSPF, shut down BGP/OSPF from the core so that routes do not propagate until the last step.
-
If replacing a VRRP site, change the working EdgeConnect’s priority to a higher number so it remains the active VRRP for the duration of the swap process.
-
From the tree view in Orchestrator, select only the appliance you want to replace.
-
Click Administration, and then click Restore.
-
Verify and select the appropriate Source Appliance and the Target Appliance you just approved.
-
Select the appropriate backup file from the table, and then click Restore. The new appliance gets the configuration from the backup file and reboots.
-
After rebooting completes, verify the configuration of the new appliance.
-
Check the Deployment page, site name, and hostname. You might need to reconfigure the Deployment page based on whether the appliance is being upgraded and you are using a different port (for example, WAN0 to TWAN0 on the new appliance).
-
If site name does not match the other appliance at the site, tunnels could be built between the appliances.
-
-
After verifying the configuration, delete the old appliance from Orchestrator. Click Administration, and then click Remove from Orchestrator and Account.
-
Enter the confirmation code, and then click Delete.
-
Now that the new appliance has its configuration, perform any configurations related to the Orchestrator.
-
Verify that all tunnels are built.
-
Verify that the new appliance is receiving the correct routes.
-
Turn up BGP facing the new EdgeConnect appliance.
-
If this is a hub appliance, check downstream-connected routers to make sure they are receiving routes from the sites on SD-WAN only.
-
If this is a spoke site, it should be receiving all routes.
-
-
If using VRRP, restore the priorities to the normal settings.
-
Verify that all traffic is working.