Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Add an On-Premise Spoke Site with LAN Capability

 

You can provision and monitor a switch (physical or Virtual Chassis) by adding an on-premise spoke site to CSO. See Standalone Switch Overview for details.

To add an on-premise spoke site with one or more switches:

  1. Select Resources > Site Management.

    The Sites page appears.

  2. Click Add and select Add On-Premise Spoke (Manual).

    The Add On-Premise Spoke Site page appears.

  3. Complete the configuration according to the guidelines provided in Table 1.Note

    Fields marked with an asterisk (*) are mandatory.

  4. Review the configuration from the Summary tab.

    (Optional) click the Edit links within the summary to go directly to a specific page of the wizard and modify the configured settings.

  5. Click OK to add the site.

    After you click OK, site activation is initiated and the Site Activation: Site-Name page appears.

    • If the Zero Touch Provisioning (ZTP) toggle button is enabled (default), CSO pushes the stage-1 and stage-2 configurations and provisions the switch.

      This process occurs immediately after the activation process, for which you entered the activation code or selected auto-activation.

      Note

      Stage-1 configuration is the initial configuration that allows basic connectivity to a device, which is pushed to the device.

      The configuration that is pushed to the device after it has connected to CSO is called stage-2 configuration.

    • If you disabled the Zero Touch Provisioning (ZTP) toggle button, you must manually configure the stage-1 configuration (as provided by CSO) on the switch.

      To manually configure the stage-1 configuration:

      1. On the Site Activation: Site-Name page, the Click to copy stage-1 configuration link appears after the Prestage Device step completes successfully.
      2. Click the Click to copy stage-1 configuration link.

        The stage-1 configuration page appears displaying the stage-1 configuration to be copied to the EX Series device.

      3. Copy the stage-1 configuration and log in to the console of the EX Series switch.
      4. Enter the configuration mode, paste, and commit the configuration.

        After the stage-1 configuration is committed, the switch has the outbound SSH configuration to connect with CSO.

        CSO then provisions the switch.

Table 1: Fields on the Add Site for Tenant-Name Page ( LAN Capability)

Field

Description

General

Site Information

Site Name

Enter a unique name for the site. You can use alphanumeric characters and hyphen (-). The maximum length allowed is 32 characters.

Site Group

Select a site group to which you want to assign the site.

Site Capabilities

LAN Capabilities

Select LAN to include LAN capabilities in the site.

Address and Contact Information

Street Address

Enter the street address of the site.

City

Enter the city where the site is located.

State/Province

Enter the state or province where the site is located.

ZIP/Postal Code

Enter the postal code for the site.

Country

From the list, select the country where the site is located. Click the Validate button to verify the address.

  • The site address verification successful message is displayed if the address is verified.

    You can click the View location on a map link to see the address location.

  • If the address cannot be verified, the Site address could not be validated message is displayed.

If you enter the wrong address and click the Validate button to verify the address, the Site address could not be validated message is displayed.

Contact Name

Enter the name of the contact person for the site.

Email

Enter the e-mail address of the contact person for the site.

Phone

Enter the phone number of the contact person for the site.

Advanced Configuration

Domain Name Server (DNS)

Specify one or more IPv4 addresses of the DNS server. To enter more than one DNS server address, type the address, press Enter, and then type the next address, and so on.

DNS servers are used to resolve hostnames into IP addresses.

NTP Server

Specify the IP addresses of one or more NTP servers.

Select Timezone

Select the time zone of the site from the list.

LAN

Switch Devices

Displays the switches that you have added to the site.

  • To add a switch, click the + icon on the top right corner of the Switch Devices table. You can add multiple switches only to an SD-LAN site.

    The Add New Switch page appears. See Table 3 for details.

  • To edit details of a switch, select the switch and click the Edit icon on the top right corner of the Switch Devices table. The Edit Switch Details page appears, displaying the same parameters that you configured while adding a switch.

    Modify the parameters as needed and Click OK. The changes that you made for the switch are saved and the updated parameters appear on the Switch Devices table.

  • To delete one or more switches, select the switches and click the Delete icon on the top right corner of the Switch Devices table.

  • To manage the configuration of one or more switches added to the site, select the switches from the list and click Configuration.

    The Switch Configuration page appears. See Table 4 for details.

LAN Segments

Displays the VLANs and their IDs that you configured on the switch.

  • Optional: To add a VLAN, click the + icon on the top, right corner of the LAN Segments table. The Create LAN Segment page appears. See Table 2 for details.

  • To edit details of a VLAN, select the LAN segment and click the Edit icon (pencil) on the top right corner of the LAN Segments table. The Edit LAN Segment page appears, displaying the same fields that are presented when you add a VLAN.

    Modify the parameters as needed and click OK. The changes that you made for the LAN segment are saved and the updated parameters appear on the LAN Segments table.

  • To delete one or more VLANs, select the VLANs and click the Delete icon (trash can) on the top right corner of the LAN Segments table.

Table 2: Fields on the Create LAN Segment Page when Adding a Site With LAN Capability

Field

Description

Create LAN Segment

Name

Enter a name for the VLAN.

The name for a VLAN should be a unique string of alphanumeric characters and some special characters (. -). No spaces are allowed and the maximum length allowed is 15 characters.

VLAN ID

Enter the VLAN ID for the VLAN.

Range: 2 through 4093.

Table 3 describes the fields on the Add New Switch page.

Table 3: Fields on the Add New Switch page

Field

Description

Device Profile

Device Name

Enter a unique name for the switch.

You can use alphanumeric characters and hyphen (-). The maximum length allowed is 15 characters.

Device Type

Select the type of switch—EX2300, EX3400, EX4300, EX4600, and EX4650.

Device Model

Select the model for the switch you specified in the Device Type field.

The models vary in the number and type of ports the switch contains. For example, If you selected EX3400, select a model such as EX3400-24P, EX3400-48P, EX3400-24T among others.

Switch Details

Virtual Chassis

Click the toggle button to enable or disable (default) adding the switch as a Virtual Chassis.

If you enable this toggle button, you must select the method of provisioning the Virtual Chassis.

  • Before you add a Virtual Chassis in CSO, ensure that the Virtual Chassis is setup. See Step-by-Step Procedure for details about setting up a Virtual Chassis. In addition, click the View Prerequisite Configurations link to view the requirements for adding a Virtual Chassis in CSO.

  • Currently, you cannot add a new member or change the roles assigned to the members after you onboard a Virtual Chassis. To change the roles, you must delete the Virtual Chassis, form a new Virtual Chassis, and then onboard the new Virtual Chassis.

Method

Select the method of provisioning the Virtual Chassis:

  • Auto Provisioning: The Virtual Chassis automatically determines the roles (primary, backup, and line card) of the member devices.

    If you select this option, you must enter only the serial number of the primary device in the Master Serial Number field that appears.

  • Pre Provisioning: You can determine the roles (primary, backup, and line card) of the member devices in the Virtual Chassis.

    If you select this option, you must provide the serial number, device type, device model, and role of all the member devices of the Virtual Chassis in the fields that appear.

    Note: In the case of preprovisioning, the primary device must always be designated as Member 0.

For both these methods, ensure that:

  • The devices in the Virtual Chassis are fully installed and ready to be configured in the site. In addition, all members must be powered on.

    This means that the output of the show virtual-chassis status command must display all the member devices of the Virtual Chassis and the devices must be in Present (Prsnt) state.

    Note: If you do not have access to the serial console port for preprovisioning, only the primary device must be powered on first.

  • The primary and backup member devices have internet access to the Juniper redirect server and CSO.

  • All members in the Virtual Chassis are running the same firmware (either JUNOS 18.4R2.7 or 18.4R3.3).

  • For EX3400 and EX4300 devices to act as a Virtual Chassis, all the corresponding member devices are interconnected through Virtual Chassis ports (VCPs).

    For EX2300, EX4600, and EX4650 devices to act as a Virtual Chassis, the uplink Ethernet ports are configured as VCPs manually and the member devices are interconnected.

Master Serial Number

If you selected Auto Provisioning, enter the serial number of the primary device (from the fully-formed Virtual Chassis).

To obtain the serial number, log in to the CLI of any device that is part of the fully-formed Virtual Chassis, in operational mode, and enter show virtual-chassis.

The list of the member devices in the Virtual Chassis, along with the serial number and role appear. The primary device is indicated as Master under Role.

Alternatively, you can view the serial number on the barcode sticker, which is on the rear-panel of the switch.

Member <member-number>

If you selected Pre Provisioning, enter the serial numbers of all the devices (from the fully-formed Virtual Chassis or based on what roles you decide to assign each Virtual Chassis member), and also select the member type and model from the list.

Note:

  • If you enable ZTP, you must enter the serial number of the primary device only in the Member 0 Serial Number field.

  • If you do not have access to the serial console port of the virtual chassis, the first member that is powered on is considered the primary device. Enter the serial number of this device in the Member 0 field.

Click the Add (+) icon to add a member or the Remove (-) icon to remove the last added member. For information on the number of devices that can be added, see Table 5.

Note: The Routing Engine toggle button corresponding to Member 0 is always enabled, indicating that Member 0 always acts as the primary device.

To select a member as backup, click to enable the Routing Engine toggle button corresponding to that member; the remaining members act as line cards.

Serial Number

If you disabled the Virtual Chassis toggle button, specify the serial number of the physical switch.

To obtain the serial number, log in to the CLI of the switch in operational mode and enter show chassis hardware. Alternatively, you can view the serial number on the barcode sticker, which is on the rear-panel of the switch.

The serial number is a case-sensitive, alphanumeric string.

Zero Touch Provisioning

Click the toggle button to enable or disable zero-touch provisioning (ZTP) of the switch through ZTP.

If you disable ZTP, you must manually copy and paste the Stage-1 configuration on the switch during site activation. See Step 5 for details.

Note:

  • Only EX Series switches running 18.4R2.7 or 18.4R3.3 firmware support ZTP.

  • EX4600 and EX4650 switches do not support Phone-Home client. You must disable ZTP and manually configure the stage-1 configuration on the switches.

Boot Image

Select the boot image from the list if you want to upgrade the image for the switch.

The boot image is the latest device image that is uploaded to the image management system. The boot image is used to upgrade the device when the CSO starts the ZTP process.

If the boot image is not provided, then the device skips the automatic upgrade procedure. The boot image is populated based on the device template that you have selected while creating a site.

Note: This option is not available for a Virtual Chassis.

To provision a Virtual Chassis in CSO, you must manually upgrade the image to either JUNOS 18.4R2.7 or 18.4R3.3.

Auto activate

Click the toggle button to enable (default) or disable automatic activation of the switch when the switch is detected by CSO (that is, management status of the device is Device_Detected).

When you enable this field, zero-touch provisioning (ZTP) of the switch is automatically triggered when the device communicates with CSO.

Note: The switch must be powered on for automatic activation when you enable this option.

Activation code

If you disabled the Auto activate field, enter the activation code to be used for manually activating the switch

For information on manually activating a switch, see Manually Activating a Switch.

Table 4 describes the tabs on the Switch Configuration page.

The Access Profiles tab and Port Profiles tab are available only if you have added a physical switch or a preprovisioned Virtual Chassis, and the selected switches are of the same device type and model. If you have added an autoprovisioned Virtual Chassis, only the Configuration Templates tab is available. The Port Profiles tab is unavailable because, in the case of autoprovisioning, port profiles can be configured only after provisioning the Virtual Chassis. The Access Profiles tab is unavailable because the access profile requires a RADIUS authentication server to be added to it. The parameters related to communication between the RADIUS server and the supplicant are defined in the authentication profile , which is, in turn, referenced by the port profile.

Table 4: Tabs on the Switch Configuration page

Tab

Description

Access Profiles

Displays the list of access profiles available in CSO. The list is populated from the Access Profiles page (Configuration > SD-LAN > Access Profiles).

You can also click the Search icon to search for a specific access profile in the list.

For details of the fields displayed on the Access Profiles table, see About the Access Profiles Page.

Optional: You can select an access profile from the list to assign it to the switch.

Port Profiles

Displays the list of interfaces (ports) available in CSO.

You can also click the Search icon to search for a specific port in the list.

Optional: To assign port profiles and VLAN IDs to the ports:

  1. Select one or more ports and click Edit Configuration on the top right corner, above the Interface List table.

    The Edit Port Configuration page appears.

  2. From the Port Profile list, select a port profile to be assigned to the port.

    Note: The port profile must already be created from the Port Profiles page (Configuration > SD-LAN > Port Profiles) for it to be listed here.

  3. In the VLAN field, if the port is configured as a trunk port in the port profile, assign multiple VLANs by selecting the VLANs in the Available column and clicking the right-arrow to move them to the Selected column.

    If the port is configured as an access port in the port profile, you can assign only one VLAN.

  4. From the Native VLAN list, select a VLAN that you want to configure as native. This option appears only if you select a Trunk port profile from the Port Profile list.
  5. Click OK to complete the configuration. You are returned to the Add On-Premise Spoke Site page.

Configuration Templates

Displays the list of configuration templates. This list is filtered based on the device that you select.

Configuration templates are predefined stage-2 templates that are added by your OpCo administrators or SP administrators.

To add configuration templates and set the parameters for the selected configuration templates:

  1. After you select one or more configuration templates, click Set Parameters.

    The Device Configurations page appears. This page consists of two tabs—Configure and Summary

  2. In the Configure tab fill in the attributes for each of the configuration templates.
  3. (Optional) View the CLI commands in the Summary tab.
  4. Click OK.

    You have added and set the parameters for the configuration templates.

Table 5 lists the supported device types, combinations in the non-mixed mode, and the total number of members, supported by each device type, in a Virtual Chassis.

Table 5: Supported Device Types, Modes, and Number of Members Allowed in a Virtual Chassis

Device Type

Non-mixed Virtual Chassis Support

Number of Members Allowed in the Virtual Chassis

EX2300

Combination of the same or different models of EX2300 switches.

Up to 4 members.

EX3400

Combination of the same or different models of EX3400 switches.

Up to 10 members.

EX4300

Combination of the same or different models of EX4300 switches.

Up to 10 members.

EX4600

Combination of the same or different models of EX4600 switches.

Up to 10 members.

EX4650

Combination of the same or different models of EX4650 switches.

Up to 2 members.

Before you autoprovision or preprovision a Virtual Chassis in CSO, ensure that the Virtual Chassis is setup.

  • To setup a Virtual Chassis for autoprovisioning:

    1. Decide the number of member devices in the Virtual Chassis.
    2. If you’ve added EX3400 or EX4300 devices as Virtual Chassis, interconnect all the corresponding member devices through Virtual Chassis ports (VCPs).

      If you’ve added EX2300, EX4600, or EX4650 devices as Virtual Chassis, configure the 10-Gbps Ethernet ports as VCPs manually (through CLI) and interconnect the member devices.

      Note

      At this point, do not power on any member devices in the Virtual Chassis.

    3. Decide which member device acts as the primary and power on only this device first.Note
      • Remember the serial number of the primary device in the Virtual Chassis. This serial number is required during the site activation workflow to add this Virtual Chassis in CSO.

      • For ZTP to be successful, the primary device should always be designated as Member 0. You must specify the same serial number in the Member 0 field in CSO.

    4. Wait until the primary device completes booting.

      After booting is complete, the LCD panel on this device displays a menu that includes the JUNOS OS version loaded on the device, status of VCPs, status of power supplies, and so on.

    5. Power on the remaining member devices one after the other.
    6. Wait until all the member devices complete booting.

      After booting is complete, you can confirm that the Virtual Chassis is fully formed when all the LEDs on the VCPs are ON.

    7. Connect the primary and backup device to the Internet through the management port or uplink port.
    8. Verify the connectivity from the primary device to CSO or to any host on the Internet by using ping or telnet to Juniper redirect server on port 443.
  • To setup a Virtual Chassis for preprovisioning:

    1. Decide the number of member devices in the Virtual Chassis.
    2. If you’ve added EX3400 or EX4300 devices as Virtual Chassis, interconnect all the corresponding member devices through Virtual Chassis ports (VCPs).

      If you’ve added EX2300, EX4600, or EX4650 devices as Virtual Chassis, configure the uplink Ethernet ports as VCPs manually and interconnect the member devices.

      Note

      At this point, do not power on any member devices in the Virtual Chassis.

    3. Decide which member device acts as the primary and which member device acts as the backup.
    4. Of the two devices, power on the device that you want to select as the primary (Member 0), and wait until it completes booting.

      After booting is complete, the LCD panel on this device displays a menu that includes the JUNOS OS version loaded on the device, status of VCPs, status of power supplies, and so on.

      Note
      • Remember the serial numbers of all the devices in the Virtual Chassis. These serial numbers will be needed in the site activation workflow to add this Virtual Chassis in CSO.

      • For ZTP to be successful, the primary should always be designated as Member 0. You must specify the same serial number in the Member 0 field in CSO.

    5. Power on the device that you want to select as the backup and wait until it completes booting.

      After booting is complete, the LCD panel on this device displays a menu that includes the JUNOS OS version loaded on the device, status of VCPs, status of power supplies, and so on.

    6. Power on the remaining member devices one after the other.
    7. Wait until all the member devices complete booting.

      After booting is complete, you can confirm that the Virtual Chassis is fully formed when all the LEDs on the VCPs are ON.

    8. Connect the primary and backup device to the Internet through the management port or uplink port.
    9. Verify the connectivity from the primary device to CSO or to any host on the Internet by using ping or telnet to Juniper redirect server on port 443

Now that the Virtual Chassis is setup, proceed to add the Virtual Chassis in CSO. See the Switch Devices section in Table 1 for details.