Connect Secure SD-WAN Engines to the SMC

Saving an initial configuration allows you to establish a management connection for Secure SD-WAN Engines for the first time. If you are installing a new Secure SD-WAN Engine or want to replace a previous working configuration, you can save relevant parts of the configuration on a USB drive and import it during the Secure SD-WAN Engine installation.

Saving an initial configuration also allows you to reconnect previously configured Secure SD-WAN Engines that have lost the connection. This might be because of a missing or expired certificate or because the internal certificate authority that signs the Secure SD-WAN Engine certificates has been renewed and the Secure SD-WAN Engines have not yet received a new certificate signed by the new internal certificate authority.

When you save the initial configuration, a one-time password is created. This password is required if you use the Secure SD-WAN Configuration Wizard to configure Secure SD-WAN Engines.

By default, one-time passwords expire after 30 days if they are not used. You can optionally configure the expiration time in the Global System Properties dialog box.

The one-time password that is created is specific to each Secure SD-WAN Engine. Keep track of the passwords. If you mix them up or lose them, you can repeat the procedure and create new initial configurations.

If there is a Engine between the Secure SD-WAN Engine and the Management Server, allow the connection in the Engine’s Access rules. If there is a NAT device between the Secure SD-WAN Engine and the Management Server, also configure NAT rules for the connection.