Cisco - MSX 360

Demonstration Guide
Cisco dCloud
Cisco MSX 3.6.0 Walkthrough for

SD-WAN and Managed Device
Created in Partnership with Solutions Readiness Engineers

Last Updated: 18-October-2019
About This Demonstration

This guide for the preconfigured Cisco MSX 3.6.0 Walkthrough for SD-WAN and Managed Device
demonstration includes:
About This Demonstration
Requirements
About This Solution
Topology
Get Started
Scenario 1. Explore some Cisco SD-WAN Basics
Scenario 2. Cisco MSX SD-WAN Control Plane Management
Scenario 3. Cisco MSX SD-WAN Managing Tenant Application Classification
Scenario 4. Cisco MSX SD-WAN Management of SD-WAN Path Preferences
Scenario 5. Verification of MSX Service Management in vManage
Scenario 6. MSX SD-WAN Bulk Site Provisioning
Scenario 7. Cisco MSX Swagger API
Scenario 8. Cisco MSX Managed Device
© 2019 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 90
Demonstration Guide
Cisco dCloud
Scenario 9. Cisco MSX Summary Dashboard
What’s Next?
Demonstration Guide
Cisco dCloud
Requirements
The table below outlines the requirements for this preconfigured demonstration.
Required Optional
Laptop Cisco AnyConnect®
About This Solution

Cisco Managed Services Accelerator (MSX) is a multi-tenant, multi-service, cloud-native, service creation and
delivery platform that helps service providers quickly, easily, and cost-effectively develop and deliver managed
services to business customers.
• We will be highlighting the MSX SD-WAN service, which allows multi-tenant management of any Cisco SD-
WAN service.
• We will be highlighting the MSX Managed Device Service, specifically in this demo – the management of
Cisco CSR1000v routers. Beyond the scope of this demo, Cisco MSX Managed Device can manage more
than 100 vendors’ devices.
Limitations
Please note that this is not production MSX. To reduce the resource requirements and footprint, this version of
MSX has been stripped of all redundancy, therefore please leverage this dCloud MSX demo as an example
walkthrough to understand the application flows and capabilities, and NOT as a production grade.
• This version of MSX (dCLoud Edition) does not include AO Workflows.
• All possible redundancy has been intentionally removed in order to minimize resource requirements.
• This version of the dCLoud walkthough guide includes SD-WAN and Managed Device. A future version will
include MSX SD-Branch as well. However, we have included an NFVIS instance in this pod, so should one
wish to do something beyond the scope of this document, the necessary pieces are there.
Customization Options
This dCloud edition of Cisco MSX does include the ability to “skin” the interface with specific color schemes
and logos. Feel free to go to settings and “UI Editor” to customize the UI interface per the desired settings.
Demonstration Guide
Cisco dCloud
Topology
This content includes preconfigured users and components to illustrate the scripted scenarios and features of
the solution. Most components are fully configurable with predefined administrative user accounts. You can see
the IP address and user account credentials to use to access a component by clicking the component icon in
the Topology menu of your active session and in the scenario steps that require their use.
dCloud Topology
Equipment Details
Name Description Host Name (FQDN) IP Address Username Password
Cisco MSX Cisco MSX SD-WAN 198.18.134.2 n/a superuser superuser

3.6.0
vManage 198.18.134.40 198.18.134.40 admin admin
Windows Windows Workstation built into the 198.18.133.252 198.18.133.252 administrator C1sco12345
Workstation POD for “local” access
Demonstration Guide
Cisco dCloud
Router Node Details
Name IP Address Port Username Password
CSR1000v-1 198.18.1.31 22 cisco cisco
Node-2 198.18.1.32 22 cisco cisco
Node-3 198.18.1.33 22 cisco cisco
Component Details
• Cisco MSX (dCloud Edition) 3.6.0

• Cisco SD-WAN 18.3.3
Demonstration Guide
Cisco dCloud
Get Started
Follow these steps to schedule a session of the content and configure your presentation environment.
1. Initiate your dCloud session. [Show Me How]
NOTE: It may take up to 20 minutes for your session to become active.
2. For best performance, connect to the workstation with Cisco AnyConnect VPN [Show Me How] and the
local RDP client on your laptop [Show Me How]
• Workstation 1: 198.18.133.252, Username: administrator, Password: C1sco12345.
Demonstration Guide
Cisco dCloud
Scenario 1. Explore some Cisco SD-WAN Basics

Value Proposition: First and foremost, Cisco MSX is a platform capable of adding any number of specific use
cases on top of it. In short, Service Providers can integrate MSX into their existing infrastructure once, and then
plug in any additional “as a Service” type use case they desire. In this scenario, we will manage a Viptela SD-
WAN service on behalf of a specific tenant “Coke”. Specifically, we will demonstrate how to onboard an
existing Viptela Control Plane and bring that under the management of Cisco MSX SD-WAN.
Steps
Before we get into MSX, let’s take a very quick look at a few Viptela specific pre-existing parameters and
settings.
1. From the remote desktop, launch Chrome.
2. Set Chrome to incognito mode.
3. Navigate to Cisco vManage at https://198.18.134.40. Login with username admin, password admin.
Demonstration Guide
Cisco dCloud
4. You are presented with the vManage splash screen. In essence, this is a brand new Viptela control plane.
The only thing we have added here is a VERY basic device policy, such that we can show how vEdges can
be added to the topology.
NOTE: We are not sending any traffic across any site in this simulation. We are simply showing how MSX can
manage a Cisco SD-WAN Control plane – both an existing brownfield deployment, and a brand-new greenfield
deployment.
5. On the left-hand side of the window, click the Configuration gear icon, then select Policies.
Demonstration Guide
Cisco dCloud
6. Notice there is no Centralized Policy, which makes sense as this is a new SD-WAN deployment. Feel free
to click on Localized Policy as well. No policy exists there, either.
7. Towards the upper right-hand corner of the window, select Custom Options, then select Lists under the
Centralized Policy heading.
8. Once you see the application lists screen, click New Application List.
Demonstration Guide
Cisco dCloud
9. Below the green Application radio button, click anywhere in the white field which says Select one or more
applications lists. You will see a screen similar to the following. Scroll down to view and take note of a few
of these applications. The important take away here, is that Viptela comes “out of the box” with a very
robust list of applications which can be classified, marked, and routed throughout the network in a manner
desired by the system architects (or Managed Service Provider / “as a Service” Provider)
10. Click anywhere outside the white field below the green Application radio button, and then click Cancel.
NOTE: If this were a pre-existing “brownfield” deployment, we could also explore any other existing policies or
templates, but as this is a fresh “greenfield” deployment, there are no other settings other than a very basic
device policy that was created in case the user would like to manually bring up a vEdge in order to compare to
the ease at which MSX can provisioning many devices in bulk.
This concludes scenario 1.
Demonstration Guide
Cisco dCloud
Scenario 2. Cisco MSX SD-WAN Control Plane Management

Value Proposition: Now it’s time to bring this Viptela deployment under the management of Cisco MSX.
Steps
1. In Chrome, navigate to the MSX GUI at http://198.18.134.2. Sign in with username superuser and
password superuser.
• In some cases, you may receive a Whitelabel Error Page message upon login (shown below).
• To resolve this issue, simply remove everything but the IP address from the URL bar.
• Then press Enter. You should receive a fresh MSX portal (same screen also shown in step 2 below).
Demonstration Guide
Cisco dCloud
2. You will see the initial MSX splash screen. Note that there is nothing configured on this system at this time,
and therefore no top-level summary information to display, yet.
Demonstration Guide
Cisco dCloud
3. The first thing we have to do is create a Tenant for which we will manage multiple services. On the left
navigation pane, click Tenants. Then click Add Tenant.
4. All you need to add here is the Tenant name. Enter Coke and then click Save.
Demonstration Guide
Cisco dCloud
5. Click Add Tenant again.
6. Enter Pepsi and click Save.
Demonstration Guide
Cisco dCloud
7. On the left-hand pane, click Service Catalog. Then select the SD-WAN pane.
8. You are asked which tenant you want to use to manage this service. We are going to be managing this SD-
WAN service for the Coke tenant. From the pull-down menu, select Coke, and then click Continue.
Demonstration Guide
Cisco dCloud
9. You are presented with the initial MSX service purchase screen.
IMPORTANT! MSX has the option of an end user self-maintenance portal. Not every MSX customer chooses to
use this option. Some providers trust their end users to enter information in a portal correctly. Other providers
do not – and prefer to have their operations team enter all service details.
This screen is meant to be a way that end users can see the details of a service, the price, and (optionally)
enter credit card information before the service is enabled for that specific tenant. In this case, we are running
through this exercise as an Operator, and therefore, many details such as credit card information, and “click
here to confirm” options have been disabled.
You will then be presented with the basic (unpopulated) service screen for Coke. Now we can setup and
manage the SD-WAN service on behalf of this specific tenant.
Demonstration Guide
Cisco dCloud
10. Click Get Started to continue.
11. In the bottom right-hand corner of the window, click Add Control Plane.
Demonstration Guide
Cisco dCloud
NOTE: you are given a few options here: Attach to an existing Viptela Control plane, or Create a new Viptela
Control Plane.
Cisco MSX gives the operator the option of creating a new “greenfield” Viptela control plane in AWS. In this
case, we have not configured MSX with any AWS account details, so this is not currently an option for this lab.
Cisco MSX also gives the operator the option of attaching to an existing “brownfield” control plane in any
location. To save time, an existing Viptela control plane has already been created as part of this dCloud
scenario.
IMPORTANT! In MSX 3.7.0, Cisco MSX will also support the ability to create a new “greenfield” Viptela control
plane in a private data center as an alternative to AWS. Updated dCloud demo coming soon!
12. Click Attach and then Continue to move to the settings for existing control planes.
13. Now you can enter the details for the existing dCloud Viptela vManage:
• URL: https://198.18.134.40
• Organization Name: Cisco Sy1 – 19968
• Username: admin
• Password: admin
NOTE: Copying and pasting the Organization Name Cisco Sy1 – 19968 can sometimes cause problems. We
recommend that you enter the Organization Name manually. Note that there are spaces in the Organization
name between “Sy1”, “-“, and “19968”.
Demonstration Guide
Cisco dCloud
14. Click Submit.
Demonstration Guide
Cisco dCloud
15. The settings are saved, and MSX is now in control of this specific Viptela control plane.
16. You can also scroll up to see both a visual map view of the Viptela deployment, and the list view. Note in
the very top right corner of the browser, there is a slide button that changes from map view to list view.
(There may be an info bar that needs to be closed by clicking the “x” before you can see this radio button.)
Demonstration Guide
Cisco dCloud
You have brought an existing Viptela deployment for a specific tenant (Coke) under the control of the MSX
platform.
Demonstration Guide
Cisco dCloud
Scenario 3. Cisco MSX SD-WAN Managing Tenant Application Classification

Value Proposition: In this scenario, you will not only bring the existing Coke Viptela service under MSX
management, but will create all the appropriate policies and templates required to manage this service
automatically.
Cisco MSX SD-WAN as a Service will never attempt to replace VManage. There are thousands of features in
vManage. However, there are some operations that are required more often than others. It is the approach of
Cisco MSX SD-WAN to abstract the most common vManage settings into the MSX operations portal. For those
features not abstracted into MSX, any other feature is still available via that specific vManage which is
accessible via the MSX portal without requiring additional logins, normally.
The passthrough login feature requires LDAP, which is not available in this dCloud pod, so in this case, we will
have to log into vManage. Scroll down to the bottom of the MSX SD-WAN page for “Coke” and click “View
Control Plane”, and you will be taken to another window for Coke’s vManage. Remember that no logon would
be required when LDAP is properly configured.
IMPORTANT! It’s probably worth taking a quick moment to do a high-level review of what one needs to easily
manage a multitenant SD-WAN “as a Service” platform.
At its most basic level, SD-WAN is a way of intelligently performing application routing over pre-determined
WAN links according to a tenant’s requirements. This requires many aspects, including:
• Identify the application.
• Mark the application with an appropriate QOS setting.

• Perform application aware routing via the appropriate WAN link. (Typically, MPLS vs. Internet)
• Queue the various applications appropriately per link.
The ultimate goal of Cisco’s MSX platform is to be an extremely rapid “time to market” vehicle for basically any
“as a Service” offering a provider wants to offer. In many cases, we’ve seen providers spin up a new service
(and new associated revenue with that service) in 60 days.
The ultimate goal of the specific Cisco MSX SD-WAN Service Pack, is to make it as simple as possible to
manage a robust multi-tenant SD-WAN “as a Service”. Toward this end, Cisco MSX will automatically set up a
consistent robust Cisco SD-WAN service deployment which will immediately cover the vast majority of tenant
use cases with minimal required expertise and effort.
Demonstration Guide
Cisco dCloud
Steps
1. In Chrome, navigate to http://198.18.134.2. If necessary, sign in to MSX with username superuser and
password superuser. If you aren’t prompted for a login, select Dashboard in the left-hand pane.
• In some cases, you may receive a Whitelabel Error Page message upon login (shown below).
Demonstration Guide
Cisco dCloud
2. In the left-hand pane, select Tenants, then click the sdwan icon for Coke.
3. In the left-hand pane, select Traffic Policy, click the Application Relevance tab, and then click Setup
Application Relevance.
Demonstration Guide
Cisco dCloud
4. At this point, MSX will query the vManage API’s which may take a minute or two.
5. At this point you will see the same long list of applications that we previously noted in vManage, and their
relevance and Traffic Class. MSX has queried the vManage APIs and brought in the complete application
list, and associated each application with an appropriate Traffic Class.
Demonstration Guide
Cisco dCloud
Let’s explore this a bit more.

Important Take Away. What’s happening behind the scenes…
As you would expect, there are thousands of options with any Cisco SD-WAN deployment. The goal is for
Cisco MSX SD-WAN Service Pack to be able to quickly setup and easily manage any tenant’s SD-WAN
deployment “as a Service”. So once a Cisco SD-WAN deployment is brought under the management of Cisco
MSX, many default policies and settings are automatically deployed based on the most common industry best
practices. Once the operator clicks any “apply” button for any traffic or application policy, eight different traffic
classes are immediately created, and all managed applications are then assigned to their most common traffic
class. Multiple traffic routing policies are also created, with the most common assignment of traffic classes to
each respective route policy.
Put simply, when Cisco MSX creates or onboards any managed Cisco SD-WAN deployment, it automatically
configures that deployment with the most common industry settings. The operator can then easily customize
the most common settings on behalf of the managed tenant in simple terms of whether or not an application is
relevant to that tenant’s business.
As an example, let’s take a look at the ABCNews app (only because ABCNews is near the top of the list
alphabetically). Note that under Relevance, the ABCNews app defaults to Business Irrelevant and under
Traffic Class it defaults to Scavenger.
In order to make managing Cisco SD-WAN “as a Service” as simple as possible on any operations team, Cisco
is using the most common industry classifications for the top three likely settings (out of the eight queue
alternatives) and has mapped them to the labels Business Irrelevant, Default, and Business Relevant. Cisco
has intentionally done this so an operator doesn’t have to figure out if ABCNews belongs in a queue called Call
Signaling, or Interactive Video, or Bulk Data.
Demonstration Guide
Cisco dCloud
All the operator needs to understand while using Cisco MSX is whether or not an application such as ABCNews
is Default, Relevant, or Irrelevant to the tenant’s business. All the end tenant needs to understand, is whether
said app is important for their day-to-day operations. Therefore, when we select Default, Business Relevant or
Business Irrelevant, that easily understood common language reference is then automatically mapped to the
appropriate QOS setting behind the scenes.
To illustrate this point, let’s imagine that our tenant Coke calls their Cisco SD-WAN “as a Service” provider, and
says that the app ABCNews is actually a critical application for them, and could the provider please reclassify
this application as Business Relevant for better performance.
6. Let’s change the ABCNews app from Business Irrelevant to Business Relevant and note what happens.
The Traffic Class then changes from Scavenger to Bulk Data – which is the pre-determined best
classification for this application should the end tenant want better performance. At no point does anyone
have to consider Voice Signaling, or Streaming Video. At no point does anyone really even have to
understand the application. They simply have to determine whether or not it is relevant to the tenant’s
business function.
7. Scroll down and click Apply.
Demonstration Guide
Cisco dCloud
8. Click Yes at the confirmation pop-up.
NOTE: You may also see a brief notification that the change request has been initiated.
9. We want to give MSX a few seconds to communicate with vManage and make sure our change has been
applied. So, before we leave this screen, scroll up where you should see another notification that changes
are being applied.
10. Please wait until the purple Applying application relevance settings. It will take a few minutes. message
disappears. You should also get a green notification bar that the settings have been applied.
11. Once the purple message has disappeared, you can proceed.
Demonstration Guide
Cisco dCloud
Scenario 4. Cisco MSX SD-WAN Management of SD-WAN Path Preferences

Value Proposition: It is extremely important to be able to set SD-WAN path preferences, so in this scenario we
will demonstrate how Cisco MSX SD-WAN very easily sets these values. We will also verify these settings in
another scenario.
Steps
1. In the MSX GUI select the Path Preference tab, and then click Add Path Preferences.
2. Remember that ABCNews is now in the Bulk Data traffic class. Scroll down to the Bulk Data class and click
on the arrow to show the path preference options. We can see that the default is PRIMARY: Biz Internet
and FALLBACK: MPLS.
Demonstration Guide
Cisco dCloud
Important! One of the key goals of Cisco SD-WAN is to give the end tenant much more power in how
applications utilize WAN links. For example, take something like Guest WIFI. If the end tenant has both an MPLS
link and Internet link, perhaps they like the idea of ensuring that their intellectual property related traffic prefers
the MPLS link, but that their Guest WIFI always prefers the public internet link. Perhaps in the event of a failure,
they are satisfied with their core business traffic failing over to the internet. However, they never want to use
their MPLS link for Guest WIFI. These options are all possible and easily managed with Cisco MSX SD-WAN
Service Pack.
3. Just to illustrate this point, let’s change the FALLBACK setting for Bulk Data to Blackhole. Put another way,
Bulk Data will prefer the Biz Internet links, but never fail over to MPLS, per the request from the specific
Coke tenant.
4. Scroll down and click Apply.
Demonstration Guide
Cisco dCloud
5. You should then see another confirmation message stating that the changes are being applied. You might
also see a brief notification that the change request has been initiated.
6. We want to give MSX a few seconds to communicate with vManage and make sure our change has been
applied. So, before we leave this screen, scroll up where you should see another notification that changes
are being applied.
7. Please wait until the purple Applying path relevance settings. It will take a few minutes message
disappears. You should also get a green notification bar that the settings have been applied.
Now it’s time to head back into vManage and verify we just configured vManage with what we intended.
Demonstration Guide
Cisco dCloud
Scenario 5. Verification of MSX Service Management in vManage

Value Proposition: In this scenario, we will verify from Vmanage that the settings we made via Cisco MSX in
the previous scenarios were indeed successfully applied to this topology.
Steps
1. In Chrome, navigate to Cisco vManage at https://198.18.134.40. If necessary, login with username admin
and password admin.
2. Click the Configure gear icon and then Policies.
3. You land on the Centralized Policy tab. Note that we now have a MSX-CentralizedPolicy added and it is
active.
Demonstration Guide
Cisco dCloud
4. In the top right-hand corner of the window, click Custom Options and select Lists under the Centralized
Policy heading.
5. You see all the application lists that MSX has created and instantiated on this system.
6. Optional. Locate the MSX-Bulk-Data list entry on this screen, and click the edit icon on the right that looks
like a pencil.
Demonstration Guide
Cisco dCloud
7. Optional. If you scroll to the right, you will eventually see our ABCNews application whose application
performance that we altered via MSX. You can also click anywhere in the white area of the Select
Application field with the blue applications, and type abc in the Search field, and you will see a pull-down
menu where ABCNews is listed.
8. Click outside the white pull-down menu and then click Cancel to exit.
Demonstration Guide
Cisco dCloud
9. Click Site to see MSX additions.
10. Click SLA Class to see MSX additions.
11. In the top right-hand corner of the screen, click Custom Options. Then select Traffic Policy under the
Centralized Policy heading.
Demonstration Guide
Cisco dCloud
12. You can see that MSX added a new Application Aware routing policy per our changes in the MSX operator
portal.
13. On the right side of the window, click the 3 dots (…)and then click View so we can view this new policy.
14. Scroll down to the MSX-Bulk-Data App Route Policy, and click the down arrow to fully expand it.
Demonstration Guide
Cisco dCloud
15. Notice that the preferred color is biz Internet, that it has no backup preferred color like the other app
policies, and that it is Strict. This shows that our request, to blackhole traffic if the primary path is down, is
indeed being enforced. (If you still see a backup preferred color, it’s possible you left MSX before it could
successfully write the changes to vManage.)
IMPORTANT! We’ve now gone through part of the MSX SD-WAN operation portal capability, and you’ve seen
how easy it is for an operator to manage some of the most common aspects to a managed SD-WAN “as a
Service” offering without requiring any navigation through vManage. At the same time, we’ve also shown how
easy it would be for an operator to connect to a specific tenant vManage to perform any supported
configuration in the native vManage. Therefore, we have the ability to perform any vManage function that might
ever be required in a completely multi-tenant SD-WAN “as a Service” offering.
Demonstration Guide
Cisco dCloud
Scenario 6. MSX SD-WAN Bulk Site Provisioning

Value Proposition: In this scenario, we will see how MSX can help provision large numbers of sites
automatically. (We will explore single-site provisioning at the end of this scenario as well.)
The Cisco MSX SD-WAN Service Pack allows the operator to not only provision new sites, but also provision
new sites in bulk. This allows the operator great efficiency gains when managing Cisco SD-WAN “as a Service”
on behalf of multiple tenants.
The general procedure is as follows:

• MSX can create a raw CSV file which includes important information, such as:
• Support for any Device Templates
• Details regarding which fields are required for one template vs another.
• Pre defined fields such as the chassis numbers for any systems that have already “called home” directly
or via Cisco’s public redirect service.
• The operator can then fill out this file per the provided fields.
• The operator then uploads the completed template back into MSX.
• The MSX operator portal then shows all vEdges or cEdges that are in a state ready to be provisioned. The
MSX operator can then provision any vEdge or cEdge as they need to – MSX communicates with vManage
and handles the required steps to bring the new Edge device under full management.
IMPORTANT! Cisco provides a public redirect service to help with “Zero Touch Provisioning” (ZTP) which
allows any “out of the box” vEdge or cEdge to get its initial configuration details. A virgin system will connect to
this service, and query to see if it’s serial number has been claimed. If it has been claimed, the appropriate
service details are then downloaded to the Edge device, such that it can connect with it’s appropriate vBond
and vManage. This service is simulated in the generic Cisco SD-WAN dCloud POD. In this pod, we have pre-
connected the vEdge to vManage for convenience.
Steps
We have pre-configured the CSV file for this portion of the lab, and put it on the dCLoud POD’s Windows
workstation desktop in advance. Therefore, we recommend that you perform these steps from the Windows
workstation.
1. If necessary, navigate to Cisco vManage at https://198.18.134.40 and login with username admin,
password admin.
2. On the left-hand pane, click the Configuration gear icon, then select Devices.
Demonstration Guide
Cisco dCloud
3. You will see we have two vEdge’s that have called into vManage and registered with ZTP. But vManage has
not configured them or brought them under its management yet.
4. Navigate to the MSX GUI (http://198.18.134.2), and login with username superuser, password superuser.
Demonstration Guide
Cisco dCloud
• In rare cases, you may receive a Whitelabel Error Page message upon login (shown below).
5. In the left-hand pane, select Tenants, then select Coke.
Demonstration Guide
Cisco dCloud
6. Click the sdwan icon.
7. In the left-hand pane, select Bulk Import.
Demonstration Guide
Cisco dCloud
NOTE: If you care to, you can have MSX generate for you a blank CSV file so you can see an example of this
sample file. If you do, be sure to make note of all the fields that have an R in them, as that indicates a required
field for that particular template. We have installed a CSR viewer on the Windows Workstation in order to
conveniently view the CSV file.
8. Let’s upload the pre-configured CSV file so we can provision our site. (By the way, if you’d like to open this
file to view its fields, feel free to double click and see the completed version.) In the Import Sites portion of
the screen, click the upload arrow.
9. In the Windows Explorer tree click Desktop. On the desktop, select the file named Coke-
DeviceTemplate.csv. Then click Open.
Demonstration Guide
Cisco dCloud
10. You are returned to the Bulk Import page for SD-WAN for Coke. Click Import Sites.
11. A confirmation dialog box appears. Click Import Site Data.
Demonstration Guide
Cisco dCloud
12. You then see a message that MSX is validating site data, and if all goes well, an indicator that the site data
was successfully uploaded. Click View Sites.
13. Notice how MSX now sees that a site is Ready to Provision.
Demonstration Guide
Cisco dCloud
14. Click the Ready to Provision line, and you arrive at the Provision screen. Click Provision Site.
15. The provisioning process begins.
Demonstration Guide
Cisco dCloud
16. After approximately five minutes, the dialog box should eventually go green indicating that the site was
successfully provisioned according to the assigned template and values in the CSV file we uploaded. Be
patient, as MSX verifies that all systems accepted the new settings and that every SD-WAN controller is
100% in sync before going to a green state. Do not proceed to the next step until the operation is
complete.
17. Scroll to the top of the screen. Now we can see the provisioned site in our List view and our Map view.
Demonstration Guide
Cisco dCloud
18. If you would like to verify back in vManage, navigate to Cisco vManage at https://198.18.134.40 and, if
necessary, login with username admin, password admin.
Demonstration Guide
Cisco dCloud
19. Click the Configuration gear icon, then select Devices.
20. You can see that this device now has a template applied and is in-sync.
Congratulations, you’ve now performed Bulk Provisioning via the Cisco MSX SD-WAN operations portal!
One last thing to explore, is adding a single individual site. In this particular dCloud pod, we only have the
single available license which was just used, but it is still worth having a look at the options for provisioning a
single site – another option in addition to provisioning sites in bulk.
21. In Chrome, navigate to the MSX GUI at http://198.18.134.2 and, if necessary, login with username
superuser, password superuser.
Demonstration Guide
Cisco dCloud
Demonstration Guide
Cisco dCloud
22. In the left-hand pane, click Tenants. Then click the sdwan icon for Coke.
23. Scroll down a bit and click Add Site.
Demonstration Guide
Cisco dCloud
24. Here you see three options for provisioning a single site. As we have no additional licenses, there isn’t
much we can do here. Just make note that Cisco MSX can provision physical SD-WAN devices such as
ISR’s, Virtual Edge devices via virtualization platforms such as the Cisco ENCS/NFVIS system, and also Edge
devices running in a public cloud.
Important Note: One nice feature regarding provisioning virtual edge devices, is that MSX can simply make an
API call to vManage to grab a chassis ID and a security token, to be inserted into the Edge node startup config.
This makes provisioning such devices that much easier, as there is no need to enter vManage to obtain these
required details. It’s simply an automatic API all from Cisco MSX, and then an automatic entry in the Edge VNF
when it boots.
Demonstration Guide
Cisco dCloud
Scenario 7. Cisco MSX Swagger API

Value Proposition: The Cisco MSX platform comes with a built in Swagger API and UI. Swagger is basically a
self-documenting API with allows developers to program anything/everything they wish to in MSX without the
requirement of going through the included MSX GUI. This scenario will be an extremely brief look at some of
the capability of the Cisco MSX API gateway, however, we will not see it in action until we get to Scenario 8.
There, we will see the use of this API via the Cisco MSX custom WorkFlows we have loaded on this system as
an example.
Steps
1. In Chrome, navigate to the MSX GUI at http://198.18.134.2 and, if necessary, login with username
superuser, password superuser.
Demonstration Guide
Cisco dCloud
2. Click Super User in to the top right-hand corner of the window. Then click Account Settings.
Demonstration Guide
Cisco dCloud
3. On the Account Settings page, scroll down the page until you see API Documentation: Swagger UI. Then
click Swagger UI.
4. You are taken to the root of the Swagger API reference.
Demonstration Guide
Cisco dCloud
5. We’re not actually going to run any API calls in this section. We’re simply going to browse around a bit to
get an idea of what’s available, and how easy it is for developers to program against the Cisco MSX API
Gateway via Swagger. As this dCloud demo is aimed at SD-WAN, click on the SDWAN Microservice link.
6. You will notice a high level grouping of functions here. Click data-plane-controller and you will see a set of
functions under that category.
Demonstration Guide
Cisco dCloud
7. Click the first function in the list: GET “/v1/dataplane/{tenantId}/site”.
8. Notice the Try it out button on the top right? The nice thing about Swagger is it not only gives developers
the details one would expect from a documented API, but it goes the extra step and even allows you to test
the API call – and the details of what that call needs to carry regarding payloads and headers.
9. Feel free to browse around. There is an extremely robust set of functionality available here, allowing the
consumer to program any customized action within the MSX SD-WAN service Pack. In this lab, we’re not
Demonstration Guide
Cisco dCloud
going to actually test anything at the moment with Swagger. That would require multiple steps such as
authenticating and getting a token for further API calls.
Rather than testing it here, let’s move ahead to Cisco MSX Workflows, where we have incorporated a few
examples that utilize the functionality you see here via Swagger.
Demonstration Guide
Cisco dCloud
Scenario 8. Cisco MSX Managed Device

Value Proposition: Until now, we’ve focused on MSX SD-WAN Service Pack. Now it’s time to look at the MSX
Managed Device, which today is a managed Cisco ISR (or anything running IOS-XE such as a Catalyst 3000)
service. In a future release, we will support over 100 vendors and multiple Cisco devices and operating
systems.
Steps
1. Navigate to the MSX GUI at http://198.18.134.2 and login with username superuser, password superuser.
Demonstration Guide
Cisco dCloud
2. In the left-hand pane, select Service Catalog. Then select Managed Device.
Demonstration Guide
Cisco dCloud
3. From the Tenant pull-down menu, select Coke.
4. Click Continue.
5. Click Get Started.
Demonstration Guide
Cisco dCloud
6. Before we add any devices, we have to load up some configuration templates. In the left-hand pane, click
Templates. Then click New Template.
Note that on the Windows Workstation, you will find two XML files:
• Onboard_only.xml: Simply brings the IOS-XE under the management of MSX)
• Hostname.xml: Brings the IOS-XE under the management of MSX and changes the hostname)
7. For Template Name, enter onboard_only as the name, and provide a brief description. Then click
Continue.
Demonstration Guide
Cisco dCloud
8. Click Upload from Computer * Click to browse.
9. In the Windows Explorer tree, click Desktop. Select the onboard_only.xml file. Then click Open.
10. Click Submit and then Continue.
Demonstration Guide
Cisco dCloud
11. Finally, click Save and then Continue.
Demonstration Guide
Cisco dCloud
12. Click Submit.
13. Now we will repeat the process for the hostname template. Click New Template.
Note that on the Windows Workstation, you will find two XML files:
• Onboard_only.xml: Simply brings the IOS-XE under the management of MSX)
• Hostname.xml: Brings the IOS-XE under the management of MSX and changes the hostname
14. For Template Name, enter hostname, and provide a brief description. Then click Continue.
Demonstration Guide
Cisco dCloud
15. Click Upload from Computer * Click to browse.
16. In the Windows Explorer tree, click Desktop. Select the hostname.xml file. Then click Open.
17. Click Submit and then Continue.

Demonstration Guide
Cisco dCloud
18. Click Save and Hide.
19. Click Save and then Continue.
Demonstration Guide
Cisco dCloud
20. Click Submit.
Demonstration Guide
Cisco dCloud
21. You should now have two config variables loaded into MSX.
22. After you have successfully added the second template, click Managed Devices in the left-hand pane.
Then click Add Device.
23. Note that we have a few options here. You can add a single device manually, or add devices in bulk like we
did with the MSX SD-WAN walk through. In this case, we’ll add a few devices manually. But first, we need
to spin up our CSR1000v’s in dCloud.
Demonstration Guide
Cisco dCloud
NOTE: In the next release of this dCloud lab, we will add a Zero Touch Provisioning PNP option on a 3rd
CSR1000v. For this version, we will only add devices manually.
24. On the remote workstation desktop, double-click the VM Maestro icon. This brings you into the Cisco VIRL
simulator. (We’ve intentionally chosen this approach, as Cisco VIRL allows 3rd-party VNF’s to be
instantiated, which we will use to show 3rd-party MSX Managed Device support in a future release.) We
have pre-created a VIRL scenario with three Cisco CSR1000v devices.
Demonstration Guide
Cisco dCloud
25. To launch the devices, click the green Launch Simulation button.
26. You will eventually see a new tab and the router icons will turn green. Right-click on each green router icon
to view the options available for accessing the router console.
Demonstration Guide
Cisco dCloud
27. Navigate to the MSX GUI at http://198.18.134.2 and, if necessary, login with username superuser,
password superuser.
• Then press Enter. You should receive a fresh MSX portal.
Demonstration Guide
Cisco dCloud
28. In the left-hand pane, select Service Catalog. Then select Managed Device.
Demonstration Guide
Cisco dCloud
29. In the Select Tenant pull-down menu, select Coke.
30. Click Continue.
31. Click Get Started, and then Add Device.
Demonstration Guide
Cisco dCloud
32. In the Select Method section of the window, click Manual.
33. Click Continue.
Demonstration Guide
Cisco dCloud
34. In the Site Details section, enter the requested information, then click Continue.
35. In the Select Template section of the window, select onboard_only and click Continue.
Demonstration Guide
Cisco dCloud
36. In the Onboard Type section of the window, select Direct and then click Continue.
37. In the Device Details section of the window, enter the following details for this device. Then click Continue.
• IP address: 198.18.1.31
• Port: 22
• Username: cisco
• Password: cisco
• Secondary password: cisco
• Ned id: cisco-ios
• Device Type: cli
Demonstration Guide
Cisco dCloud
• Device Model: CISCO CSR 1000v
38. The Template Parameters section entry is simply for a variable that allows any device to be onboarded into
NSO with this template. In the Template Parameters subsection, enter aaa and then click Continue.
39. Scroll back up to the top of the page and click Submit.
Demonstration Guide
Cisco dCloud
40. You will see a message indicating that this device is being added to MSX management. Note that the
device icon begins as purple. Once it has been manually onboarded, it should turn blue. (Note that we add
metrics collection to devices that PNP, and as such those devices will show a green icon when healthy.
PNP example coming with router 3 shortly.) Wait until the device icon turns blue before proceeding.
Demonstration Guide
Cisco dCloud
41. While we’re here, let’s add a second device manually. This time, we will alter its hostname at the time of
bringing it under management. Click Add Device.
Demonstration Guide
Cisco dCloud
42. In the Select Method section of the window, select Manual, then click Continue.
43. In the Site Details window, enter the requested information and click Continue.
44. In the Select Template section of the window, select hostname and click Continue.
Demonstration Guide
Cisco dCloud
45. In the Onboard Type section of the window, select Direct, then click Continue.
46. In the Device Details section of the window, enter the following settings, then click Continue.
• IP address: 198.18.1.32
• Port: 22
• Username: cisco
• Password: cisco
• Secondary password: cisco
• Ned id: cisco-ios
• Device Type: cli
Demonstration Guide
Cisco dCloud
• Device Model: CISCO CSR 1000v
47. In the Template Parameters section of the window, enter bbb for the DEVICE_NAME, and enter new_host
for the HOSTNAME. Then click Continue.
48. Scroll up and click Submit.
Demonstration Guide
Cisco dCloud
49. You will see a message indicating that this device is being added to MSX management. Note that the
device icon begins as purple. Once it has been manually onboarded, it should turn blue after approximately
five minutes, and you will see both devices in the map view. You may have to refresh the page to see the
change in status. (Note that we add metrics collection to devices that PNP, and as such those devices will
show a green icon when healthy. PNP example coming with router 3 shortly.) Do not proceed until the
purple device icon turns blue.
Demonstration Guide
Cisco dCloud
50. Click over to device view (top right corner button), and explore these managed devices. For example, click
on the three dots (…) in the Chicago 6 row and then select View Configuration.
51. Scroll through the configuration. Note that our hostname is now active on the second device we onboarded.
Click Cancel to exit the window when you re done.
Demonstration Guide
Cisco dCloud
52. Before we move on, let’s apply a second, “stacked” template to the first device on which we performed an
“onboard_only” operation. Click the three dots (…) in the Chicago 5 row. Then select Apply Template.
53. Select hostname and click Continue.
54. Enter aaa for DEVICE_NAME. Enter UNIQUE_ROUTER for the HOSTNAME. Then click Save.
Demonstration Guide
Cisco dCloud
55. Click Continue.
56. Click Submit.
57. The Chicago 5 icon should turn purple signifying that it is being provisioned, then turns blue when the
operation is complete.
Congratulations, you have brought 2 routers under the management of MSX “Managed Devices”!!!
This conclude scenario 8.
Demonstration Guide
Cisco dCloud
Scenario 9. Cisco MSX Summary Dashboard

Value Proposition: In this scenario, we will highlight the Cisco MSX summary dashboard, and a few examples
of how to navigate the Operations User Interface.
Steps
1. In the left-hand pane of the MSX GUI, select Dashboard. This window provides a summary of all managed
services at the moment. We have not yet configured any SD-Branch services, so while that service is
available in the Service Catalog, we do not see it active in the main Dashboard. Note that this screen shows
color coded pie chart summaries. Our MSX Managed Device service is 100% blue (2 routers being manually
managed) – therefore that pie chart is 100% blue. Our MSX SD-WAN service is 100% green (one managed
SD-WAN service). So the “All” pie chart shows an accurate current summary: 33% green, and 66% blue.
(Yes we know – 33% + 66% is 99%.)
2. Click SD-WAN service.
Demonstration Guide
Cisco dCloud
3. You are shown a shortcut to the home screen for that service.
Demonstration Guide
Cisco dCloud
Demonstration Guide
Cisco dCloud
What’s Next?
Check out information related to this demo at:
• Cisco Managed Services Accelerator At-a-glance and Data sheet
• Getting Started with Cisco Managed Services Accelerator

Cisco - MSX 360

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Cisco - MSX 360

Загружено:

Авторское право:

Доступные форматы

Demonstration Guide

Cisco MSX 3.6.0 Walkthrough for

Created in Partnership with Solutions Readiness Engineers

About This Demonstration

About This Demonstration

About This Solution

Scenario 1. Explore some Cisco SD-WAN Basics

Scenario 2. Cisco MSX SD-WAN Control Plane Management

Scenario 3. Cisco MSX SD-WAN Managing Tenant Application Classification

Scenario 4. Cisco MSX SD-WAN Management of SD-WAN Path Preferences

Scenario 5. Verification of MSX Service Management in vManage

Scenario 6. MSX SD-WAN Bulk Site Provisioning

Scenario 7. Cisco MSX Swagger API

Scenario 8. Cisco MSX Managed Device

Scenario 9. Cisco MSX Summary Dashboard

Laptop Cisco AnyConnect®

About This Solution

Name Description Host Name (FQDN) IP Address Username Password

Cisco MSX Cisco MSX SD-WAN 198.18.134.2 n/a superuser superuser

vManage 198.18.134.40 198.18.134.40 admin admin

Router Node Details

Name IP Address Port Username Password

CSR1000v-1 198.18.1.31 22 cisco cisco

Node-2 198.18.1.32 22 cisco cisco

Node-3 198.18.1.33 22 cisco cisco

• Cisco MSX (dCloud Edition) 3.6.0

NOTE: It may take up to 20 minutes for your session to become active.

Scenario 1. Explore some Cisco SD-WAN Basics

This concludes scenario 1.

Scenario 2. Cisco MSX SD-WAN Control Plane Management

5. Click Add Tenant again.

6. Enter Pepsi and click Save.

10. Click Get Started to continue.

14. Click Submit.

This concludes scenario 2.

Scenario 3. Cisco MSX SD-WAN Managing Tenant Application Classification

• Mark the application with an appropriate QOS setting.

Let’s explore this a bit more.

7. Scroll down and click Apply.

8. Click Yes at the confirmation pop-up.

Scenario 4. Cisco MSX SD-WAN Management of SD-WAN Path Preferences

4. Scroll down and click Apply.

Scenario 5. Verification of MSX Service Management in vManage

9. Click Site to see MSX additions.

10. Click SLA Class to see MSX additions.

This concludes scenario 5.

Scenario 6. MSX SD-WAN Bulk Site Provisioning

The general procedure is as follows:

5. In the left-hand pane, select Tenants, then select Coke.

6. Click the sdwan icon.

7. In the left-hand pane, select Bulk Import.

11. A confirmation dialog box appears. Click Import Site Data.

15. The provisioning process begins.

19. Click the Configuration gear icon, then select Devices.

23. Scroll down a bit and click Add Site.

This concludes scenario 6.

Scenario 7. Cisco MSX Swagger API

4. You are taken to the root of the Swagger API reference.

7. Click the first function in the list: GET “/v1/dataplane/{tenantId}/site”.

Scenario 8. Cisco MSX Managed Device

3. From the Tenant pull-down menu, select Coke.

5. Click Get Started.

8. Click Upload from Computer * Click to browse.