Connect Secure SD-WAN Engines to the SMC
Save the initial configuration to enable the Secure SD-WAN Engines to connect to the SMC.
Saving an initial configuration allows you to establish a management connection for Secure SD-WAN Engines for the first time. If you are installing a new Secure SD-WAN Engine or want to replace a previous working configuration, you can save relevant parts of the configuration on a USB drive and import it during the Secure SD-WAN Engine installation.
Saving an initial configuration also allows you to reconnect previously configured Secure SD-WAN Engines that have lost the connection. This might be because of a missing or expired certificate or because the internal certificate authority that signs the Secure SD-WAN Engine certificates has been renewed and the Secure SD-WAN Engines have not yet received a new certificate signed by the new internal certificate authority.
When you save the initial configuration, a one-time password is created. This password is required if you use the Secure SD-WAN Configuration Wizard to configure Secure SD-WAN Engines.
By default, one-time passwords expire after 30 days if they are not used. You can optionally configure the expiration time in the Global System Properties dialog box.
The one-time password that is created is specific to each Secure SD-WAN Engine. Keep track of the passwords. If you mix them up or lose them, you can repeat the procedure and create new initial configurations.
If there is a Engine between the Secure SD-WAN Engine and the Management Server, allow the connection in the Engine’s Access rules. If there is a NAT device between the Secure SD-WAN Engine and the Management Server, also configure NAT rules for the connection.