Configure EdgeConnect SD-WAN Orchestrator
EdgeConnect gateways are onboarded in HPE Aruba Networking EdgeConnect SD-WAN Orchestrator. You must enable Orchestrator communication with HPE Aruba Networking Central. Then you configure the gateways as hubs, so HPE Aruba Networking Central identifies them and they can be configured as VPNCs.
The following sections describe how to onboard the EdgeConnect gateways in Orchestrator.
NOTE: EdgeConnect Virtual (EC-V) gateways are not currently supported in the Unified Fabric solution and cannot be configured as VPNCs in HPE Aruba Networking Central.
This guide does not cover the full extent of zero touch provisioning. For more information on ZTP, see the USB-Based Zero Touch Provisioning section in the Orchestrator User Guide.
Enable Orchestrator to Communicate with HPE Aruba Networking Central
The following instructions describe how to enable Orchestrator to open HTTPS connections to HPE Aruba Networking Central.
-
Log in to Orchestrator.
-
Navigate to Orchestrator > HPE Integration Services > HPE Aruba Networking Central.
-
Click Enable HPE Aruba Networking Central, and then click Save.
Configure the EdgeConnect Gateways as Hubs
HPE Aruba Networking virtual private network concentrator (VPNC) is only supported on physical EdgeConnect gateways that are configured as Hubs in Orchestrator.
-
In Orchestrator, navigate to Configuration > Overlays & Security > Hubs.
-
Start typing the name of the appliance that you want to configure as a hub and select it from the list.
-
Leave the default selection of “Re-Advertise Routes” and click Add Hub.
-
Click Confirm.
Repeat this process if there are other appliances to configure as hubs. Only one hub is required for the Unified Fabric solution.
Configure Loopback Interface with Loopback Orchestration
The EdgeConnect gateway hub must have a loopback interface with an IP address configured. HPE Aruba Networking recommends using the Loopback Orchestration feature to automatically assign a loopback address to each EdgeConnect managed by the Orchestrator from a group of address pools. You can create a pool of loopback addresses for Orchestrator to automatically create one or more loopback interfaces. You can also assign IP addresses from the pool of each gateway in the network.
NOTE: If you have a loopback interface configured on the EdgeConnect, you do not need to create a new one. Proceed to the next section.
The following steps describe how to set up loopback orchestration.
-
In Orchestrator, navigate to Configuration > Overlays & Security > Interface Labels.
-
Click New Label, select lan, and then enter a name (e.g., LOOPBACK).
-
Click Save.
-
Navigate to Configuration > Networking > Loopback Orchestration.
-
Select +Add Loopback Interface.
The Loopback Interface dialog box opens.
-
Select the Label that you configured from the drop-down list.
-
Specify the firewall zone if you want to the loopback interface to be part of a specific firewall zone.
-
Select the Management check box if you want management applications running on the appliance to use the loopback interface. This translates to “System-IP” for HPE Aruba Networking Central connectivity.
-
Click OK.
Create WAN Interface Label Names for the Unified Fabric
The WAN interface label names for the hubs in Orchestrator need to be appended with _inet, _mpls, or _lte, so the names match or closely match the HPE Aruba Networking Central interface label names on the WAN interfaces for SD-Branch and Microbranch. The EdgeConnect gateways at branch locations can have traditional Orchestrator interface labels, such as INET or MPLs, and they do not need to be appended with _inet, _mpls, or _lte, as they will have cross-connect configured to support the hub. For more information on interface label matching, see Overlay Tunnel Orchestrator (OTO).
The following steps describe how to create a WAN interface label for the Unified Fabric.
-
In Orchestrator, navigate to Configuration > Overlays & Security > Interface Labels.
-
Click New Label, and select wan.
-
Enter a name for the label that is appended with _inet, _mpls, or _lte. For example, if INETA is the internet label that will be used for the Unified Fabric, enter “INETA_inet” so it matches the HPE Aruba Networking Central label names.
-
Click Save.
If you already have INETA and MPLS1 interface labels that will be used for the Unified Fabric, you can update the labels to add the suffixes, or you can create new labels. To update the label names, enter “INETA_inet” and “MPLS1_mpls”.
NOTE: If you update label names, do it during a maintenance window as it can be disruptive.
Next Steps
After you have configured Orchestrator, continue to Configure HPE Aruba Networking Central.