Skip to main content
Versa Networks

Configure Management Servers

  1. Last updated
  2. Save as PDF

Versa-logo-release-icon.pngFor supported software information, click here.

You can configure various network management servers, including DNS, NTP, SNMP, syslog, RADIUS, and TACACS+ servers. You can configure a management server as described in the following sections or as part of a main template. To configure a management server from a main template, see Configure Main Templates.

Configure a DNS Server

You can configure DNS servers so that they can be reached when they are located behind Controller nodes in a customer's data center. To do this, you use the overlay network in the control virtual router (VR). Configuring a DNS server in this way allows you to configure redundant DHCP forwarders.

To configure a DNS server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the DNS tab.
    • If you have not yet configured a DNS server, the following screen displays. Click Add DNS Server.

      add-dns-server2.png
    • If you have configured a DNS server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      sdwan-mgmt-servers-dns.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Add a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add DNS Server screen, click the + Add icon.

    add-dns-server.png
  5. In the Add Server screen, enter information for the following fields.

    add-dns-server1.png
     
    Field Description
    Reachability via

    Select the network to use for reachability between the controller and the DNS server.
    Domain Name Enter the name of the domain in which the DNS server resides, and then click Enter to add the domain name. You can enter multiple domain names.
    IP Address (Required) Enter the IP address of the DNS server, and then click Enter to add the IP address. You can enter multiple IP addresses.
  6. Click Add Server. 
  7. Click Next or select workflow step 2, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure an NTP Server

The Network Time Protocol (NTP) synchronizes the clocks running on different computer systems in packet-switched, variable-latency data networks. NTP synchronizes all participating systems to within a few milliseconds of Coordinated Universal Time (UTC). NTP obtains its time by polling an authoritative NTP server.

To configure an NTP server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the NTP tab.
    • If you have not yet configured an NTP server, the following screen displays. Click Add NTP Server. 

      add-ntp-server3.png
    • If you have configured an NTP server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      add-ntp-server2.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Create a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add NTP Server screen, enter information for the following fields.

    add-ntp-server.png
     
    Field Description
    Version Select the NTP version.
    iburst Disabled Click to enable iburst on the server. Using iburst improves the time required for initial synchronization. With iburst, when the NTP server is unreachable, a burst of eight packets is sent instead of the usual one packet. When the server does not respond, packets are sent every 16 seconds. When the server responds, packets are sent every 2 seconds.
  5. In the Servers section, click the + Add icon, and then enter information for the following fields.

    add-ntp-server1.png
    Field Description

    Reachability via

    Select the network to use for reachability between the controller and the NTP server.
    Type

    Select the NTP server type:

    • IP Address
    • FQDN
    Value Enter the IP address or FQDN of the NTP server.

    Key ID

    Enter an ID for the authentication key.

    Range: 0 through 4294967295
    Default: None

    Trusted Disabled

    		 Click to enable the key as trusted.

    Key Type

    Select the key type:

    • MD5

    Value

    		 Enter an MD5 key value, which must be 32 characters .
  6. Click Add Server. 
  7. Click Next or select workflow step 2, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure a RADIUS Server

RADIUS is a distributed client-server system that secures networks against unauthorized access. A RADIUS server provides an external database that you can use to authenticate users before allowing them to access a network, a device, or related services.

To configure a RADIUS server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the RADIUS tab.
    • If you have not yet configured a RADIUS server, the following screen displays. Click Add RADIUS Server. 

      add-radius-server1.png
    • If you have configured a RADIUS server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      add-radius-server4.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Create a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add RADIUS Server screen, enter information for the following fields.

    add-radius-server3.png
     
    Field Description
    Actions Select one or both of the actions.
    • RADIUS Authentication
    		 Click the toggle to enable RADIUS authentication.
    • RADIUS Accounting
    		 Click the toggle to enable RADIUS accounting.
    Authentication Order

    Select the authentication order from the drop-down list:

    • Local-Then-Remote—User is authenticated by checking the local database first, then the remote database.
    • Remote-Then-Local—User is authenticated by checking the remote database first. If the remote database is unreachable, the local database is then searched.
    • Remote-Only—User is authenticated by checking the remote database only.
  5. In the Servers section, click the + Add icon, and then enter information for the following fields.

    add-radius-server2.png
     
    Field Description

    Reachability via

    Select the network to use for reachability between the controller and the RADIUS server.
    IP Address

    Enter the IP address of the RADIUS server.
    Authentication Key Enter the RADIUS key. The key can consist of numbers, letters, and special characters but it cannot include a hash mark (#) or spaces.
  6. Click Add Server.
  7. Click Next or select workflow step 2, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure an SNMP Server

The Simple Network Management Protocol (SNMP) is an open standard networking protocol that is used for managing, monitoring, and organizing data about networking devices on both LANs and WANs.

To configure an SNMP server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the SNMP tab.
    • If you have not yet configured an SNNP server, the following screen displays. Click Add SNMP Server. 

      add-snmp-server1.png
    • If you have configured an SNMP server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      add-snmp-server.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Create a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add SNMP Server screen, enter information for the following fields.

    add-snmp-server-step1.png
     
    Field Description
    Polling Click the toggle to enable polling that allows the server to gather real time information of a device. 
    Trap Click the toggle to send trap notifications.
    • Target Source Address
    		 Enter the IP address of the SNMP manager.

    Versions (Group of Fields)

    		 Select one or more SNMP versions.
    • Version 1
    		 Select to enable SNMP version 1.
    • Version 2c
    		 Select to enable SNMP version 2c.
    • Version 3
    		 Select to enable SNMP version 3.
    Servers (Group of Fields)  
    • IP Address
    		 Enter the IP address of the SNMP server.
    • Port
    		 Enter the port number to use to connect to the SNMP manager.
    • Reachability via
    		 Select the network to use for reachability between the controller and the SNMP server.
  5. Click Next or select workflow step 2, Communities and USM.
  6. Enter information for the following fields.

    add-snmp-server-step2.png
     
    Field Description

    Communities

    Enter one or more SNMP communities. A community comprises SNMP managers and monitored devices. The name serves as a password to authenticate community members to each other.
    User-based Security Model (USM)

    USM is a security framework used in SNMP to provide secure communication between SNMP devices and managers. USM is applicable to SNMP versions V3.
    • Username
    		 Enter a name for the local user.
    • Authentication Protocol (Required)

    Select the type of authentication protocol:

    • MD5
    • SHA
    • Authentication Type

    Select the authentication type:

    • Key
    • Password
    • Authentication Value
    		 Enter the authentication key or password to use with the authorization protocol.
    • Privacy Protocol
    		 Select the privacy protocol:
    • AES
    • DES
    • Privacy Type

    Select the privacy type:

    • Key
    • Password
    • Privacy Value
    		 Enter the privacy key or password to use with the privacy protocol.
  7. Click Next or select workflow step 3, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure a Syslog Server

A syslog server consolidates logs from multiple sources into a single location. Syslog messages report about conditions that occur on a device, and you can use the information they contain to help identify basic information about where, when, and why a condition occurred. A syslog message contains the IP address, timestamp, and a log message. You configure a syslog server for each appliance.

To configure a syslog server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the RADIUS tab.
    • If you have not yet configured a syslog server, the following screen displays. Click Add Syslog Server. 

      add-syslog-server.png
    • If you have configured a Syslog server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      add-syslog-server-1.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Create a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add Syslog Server screen, click the + Add icon in the Servers section.

    add-syslog-server-2.png
     
  5. In the Add Server screen, enter information for the following fields.

    add-syslog-server-3.png
     
    Field Description

    Reachability via

    Select the network to use for reachability between the controller and the syslog server.
    IP Address

    Enter the IP address of the syslog server.
    Protocol

    Select the protocol:

    • TCP
    • UDP
    Port Enter the port number to use to connect to the syslog server.
  6. Click Add Server. 
  7. Click Next or select workflow step 2, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure a TACACS+ Server

TACACS+ provides detailed accounting information and flexible administrative control over authentication and authorization processes. A TACACS+ server provides an external database that you can use to authenticate users before allowing them to access a network, a device, or related services.

To configure a TACACS+ server:

  1. In Tenant view, select Configure > Secure SD-WAN > Servers & Settings > Management Servers.

    sd-wan-mgmt-servers-menu1.png

    The Management Servers screen displays with the Syslog tab selected by default.
  2. Select the TACACS+ tab.
    • If you have not yet configured a TACACS+ server, the following screen displays. Click Add TACACS+ Server. 

      add-tacacs-server.png
    • If you have configured a TACACS+ server, the Management Servers screen displays servers that are already configured. Click the + Add icon.

      add-tacacs-server1.png
  3. In the horizontal menu bar, you can perform the following operations.

    horizontal-menu-bar.png
     
    Operation Description
    Add Create a new management server. 
    Clone

    Clone the selected server. A popup window similar to the following displays.

     

    clone.png

    Rename the default name of the cloned server profile, if desired, and then click Submit.
    Delete

    Delete the selected server. A popup window similar to the following displays.

     

    delete.png

    Click Yes, Delete to delete the server profile, or click Cancel to retain the server profile.
    Refresh Refresh the list of existing profiles.
    More Actions

    Perform an action on the selected server:

    • View References—View the objects that refer to the selected server. 

      view-reference.png
    • Propagate—Propagate changes made to a server to any entities that use the server.
    • Copy to Subtenant—Select one or more subtenants to which to copy the server.

      copy-to-subtenant.png
  4. In the Add TACACS+ Server screen, enter information for the following fields.

    add-tacas-server-step1.png
     
    Field Description
    Actions Select one or both of the actions.
    • TACACS+ Authentication
    		 Click the toggle to enable TACACS+ authentication.
    • TACACS+ Accounting
    		 Click the toggle to enable TACACS+ accounting.
    Authentication Order

    Select the authentication order from the drop-down list:

    • Local-Then-Remote—User is authenticated by checking the local database first, then the remote database.
    • Remote-Then-Local—User is authenticated by checking the remote database first. If the remote database is unreachable, the local database is then searched.
    • Remote-Only—User is authenticated by checking the remote database only.
  5. In the Servers section, click the + Add icon.

    add-tacas-server-step1-a.png
     
    Field Description

    Reachability via

    Select the network to use for reachability between the controller and the TACACS+ server.
    IP Address

    Enter the IP address of the TACACS+ server.
    Authentication Key Enter the TACACS+ key. The key can consist of numbers, letters, and special characters but it cannot include a hash mark (#) or spaces.
  6. Click Next or select workflow step 2, Permissions. See Configure Permissions, Review, and Submit the Management Server Profiles.

Configure Permissions, Review, and Submit the Management Server Profiles

  1. In the Add Server profile screen, select workflow step 2, Permissions. 
  2. The permission for each role is selected by default, and you can update it. To change permissions for a role, select or deselect the Create, Read, Update, and Delete fields for the role.

    add-dns-server-permissions.png
  3. Click Next or select workflow step 3, Review and Submit.
  4. In the General section, enter a name for the DNS server. You can also enter a text description for the server and one or more tags. A tag is an alphanumeric text descriptor with no spaces or special characters. You can specify multiple tags added for the same object. The tags are used for searching the objects.

    add-dns-server-review-submit.png
  5. Review the settings you have selected. Click the edit-icon.png Edit icon to change a setting, as needed.
  6. Click Submit.

Supported Software Information

Releases 13.1.1 and later support all content described in this article.