Contact the Management Server on the command line

Provide the necessary information to allow the Secure SD-WAN Engine to establish contact with the Management Server.

1. If the control IP address is dynamic, select DHCPv4, SLAAC (IPv6), or DHCPv6.
   Note: The same protocol must be selected in the IP address properties in the Management Client.
2. If the Secure SD-WAN Engine uses PPP for management contact, define the PPPoE settings.
   1. Highlight the PPPoE v4 Settings or PPPoE v6 Settings as required, and then press Enter.
   2. On the PPPoE Settings dialog-box, fill in the account details according to the information you have received from your service provider.
   3. Highlight OK, then press Enter.
3. If the Secure SD-WAN Engine uses a modem for management contact, define the modem settings.
   1. Highlight Settings, then press Enter.
   2. On the Modem Settings page, enter the PIN code, then select OK.
      The same PIN code must be configured in the properties of the modem interface in the Management Client.
   3. Highlight OK, then press Enter.
4. If the control IP address is static, select Enter node IP address manually, then define the IP address of the Secure SD-WAN node.
   1. In the IP Address field, enter the IP address.
   2. In the Netmask/Prefix Length field, enter the netmask (IPv4) or prefix length (IPv6) of the network.
   3. If the Management Server is not in a directly connected network, enter the IP address of the next-hop gateway in the Gateway to management field.
5. If the control IP address is on a VLAN interface, select Use VLAN, Identifier, then enter the VLAN ID.
6. Select Contact or Contact at Reboot, then press the spacebar.
7. Enter the Management Server IP address or FQDN in the IP address/FQDN field.
8. (Optional) Enter the DNS server IP address for engine to use if Management Server was specified using FQDN.
9. Enter the Management Server one-time password.
   Note: The one-time password is engine-specific and can be used only for one initial connection to the Management Server. After initial contact has been made, the engine receives a certificate from the SMC for identification. If the certificate is deleted or expires, repeat the initial contact using a new one-time password.
10. (Optional) To use 256-bit encryption for the connection to the Management Server, select 256-bit Security Strength, then press the spacebar.
    Note: 256-bit encryption must also be enabled for the Management Server in the SMC.
11. (Optional) Highlight Edit Fingerprint, then press Enter. Fill in the Management Server’s certificate fingerprint (also shown when you saved the initial configuration).
    Filling in the certificate fingerprint increases the security of the communications.
12. Highlight Finish, then press Enter.
    The engine now tries to make initial contact with the Management Server. The progress is displayed on the command line. If you see a connection refused message, make sure that the one-time password is correct and the Management Server IP address is reachable from the node. Save a new initial configuration if you are unsure about the password.

    Note: If the initial management contact fails for any reason, you can start the configuration again with the sg-reconfigure command.