Establish contact between the Secure SD-WAN Engine and the Management Server.
Before you begin
Create a Single Engine element for each
Secure SD-WAN engine that you deploy in the AWS cloud.
Steps
-
On your computer, open a terminal program, then enter the following command to open an SSH connection to the command line of the Secure SD-WAN Engine using the aws user account:
ssh -i <your ssh private key>.pem aws@<aws instance public ip address>
-
On the command line of the Secure SD-WAN Engine, enter the following command to start the Secure SD-WAN Configuration Wizard:
-
Configure the general settings and network interfaces for the Secure SD-WAN Engine.
For detailed instructions, see the
Forcepoint FlexEdge Secure SD-WAN Installation Guide
.
-
On the Prepare for Management Contact page, select DHCPv4 or
DHCPv6.
-
Select Contact, then press the spacebar.
-
Enter the Management Server contact IP address and the one-time password.
You can copy and paste the one-time password from the Save or Upload Initial Configuration dialog box.
-
Highlight Finish, then press Enter.
The engine now tries to make initial contact with the Management Server. The progress is shown on the command line. If you see a connection refused message, make sure that
the one-time password is correct and that a route to the Management Server IP address has been configured for the
Secure SD-WAN Engine. Save a
new initial configuration if you are unsure about the password.
Note: If the initial management contact fails for any reason, you can start the configuration again with the
sg-reconfigure command.
Result
After you see notification that Management Server contact has succeeded, the engine installation is complete and the engine is ready to receive a policy. When the initial configuration is complete, the status of the Secure SD-WAN Engine element changes in the Management Client from
Unknown to No Policy Installed.
The connection state is Connected, indicating that the Management Server can connect to the node.
Next steps
Install a policy on the engine using the Management Client.