Skip to content

Setting Up AWS Cloud WAN with Cisco SD-WAN Cloud onRamp

This guide will walk you through the process of configuring AWS Cloud WAN integration with Cisco SD-WAN using the Cloud onRamp for Multicloud feature in vManage.

Prerequisites

Note: These are provided in dCloud, but will be needed if configuring in your own account

  • Access to vManage interface
  • C8Kv device list already uploaded to vManage
  • AWS account with appropriate permissions
  • Access and Secret keys for AWS account

Lab Environment Setup

Step 1: Access the Lab Environment

  1. Navigate to your dCloud session and select Jumphost.

  2. On the left panel, click Web RDP to launch the Windows instance in your browser.

    Access Web RDP

  3. If the browser is not already open, click the browser launch icon to access the AWS portal.

    Launch Browser

  4. Click Send Request in the AWS account request box. The system will show a "Loading..." status while processing.

    Request AWS Account Loading Status

  5. For optimal experience, access the AWS console through your local browser:

    • Right-click the URL and select "Copy"
    • Open your local browser (outside the RDP session) and paste the URL
    • Wait approximately 5 minutes for account provisioning
    • Click Go to Cloud when the button becomes available

    Note: Safely proceed to the next step while you wait for account provisioning

    Copy AWS URL AWS Portal Ready

Step 2: Access vManage in Your Local Browser

  1. Return to your dCloud session in your local browser and click Info at the top, then select AnyConnect Credentials.

    AnyConnect Credentials

  2. Open AnyConnect VPN client and enter the provided VPN domain.

    AnyConnect Setup

  3. Enter the DemoUsername and DemoPassword provided in the dCloud portal.

    VPN Authentication

  4. After connecting to the VPN, open a new browser tab and navigate to: 198.18.133.10

  5. Click Advanced, then Proceed...(unsafe) to bypass the certificate warning.

    Certificate Warning Proceed Unsafe

  6. Log in to the vManage environment using:

  7. DemoUsername: admin

  8. DemoPassword: C!sco12345

    Login to vManage You now have access to both an AWS account and the vManage environment needed to complete this lab.

Configuration Steps

Step 1: Prepare the Device Template

  1. Open the Cisco SD-WAN Manager menu and navigate to Configuration > Templates

    Homepage

  2. Locate the aws-cat8kv-multicloud template (you might need to change Template Type to Non-Default ), then click the 3 dots to the right for edit

    Device Templates Screen

  3. Edit the template and add a service VPN

    • You can use the Default_VPN_1_Cisco_V01 that comes as a default template

      Note: Adding a service VPN is required for Cloud onRamp functionality.

    Add Service VPN

    VPN_1

    Note: Leave Empty and click Add. The Cloud onRamp automation will create everything else you need.

    Leave Empty

  4. Save the template with a new name, for example: aws-cat8kv-multicloud-service-vpn-added

Step 2: Attach Devices to the Template

  1. After saving the template, click on the Attach Devices option

    Attach Devices

  2. Select the two devices you want to use for the AWS Cloud WAN integration

    • dCloud comes with licensed devices, select any two that start with C8K-

    Select Devices to Attach

  3. Edit each device to configure the required settings: Each device will have the same Site ID but different System IPs

    • Device 1:
      • Color: biz-internet
      • Hostname: test1
      • System IP: 20.20.20.1
      • Site ID: 20
    • Device 2:
      • Color: biz-internet
      • Hostname: test2
      • System IP: 20.20.20.2
      • Site ID: 20

    Edit Device Template

    Device 1

    Device 2

  4. Explore created Config and then move to next step

    Note: Service VPN is under VRF1
    Cloud Global Settings

Step 3: Configure Cloud OnRamp for Multicloud

  1. From the Cisco SD-WAN Manager menu, navigate to Configuration > Cloud OnRamp for Multicloud

  2. Connect your AWS account by providing AWS Access and Secret keys

    AWS Access

  3. Under Cloud Global Settings, click Add

    Global Settings Add

  4. Complete the Cloud Gateway Global Settings

    Note: For the IP subnet pool, you can use the smart default suggested or leave it blank and configure during the gateway creation process.

    Cloud Gateway Configuration

Step 4: Create Cloud Gateway

  1. On the Cloud OnRamp dashboard, click Create Cloud Gateway

  2. Fill in the required details:

    • Use software version 17.13
    • Set the IP subnet pool CIDR for your Transit VPC
    • Set Tunnel count (typically 1 for 8kv to AWS connections)
    • No SSH key is required
    • UUIDs will be added automatically when the site is selected
    • The site will be created automatically if it was defined in the template devices

    Gateway Deployment Deployment In Progress

  3. Wait for the deployment to complete

    • This process takes approximately 30 minutes as it configures all required components in AWS using SDK calls (not Cloud Formation)

Conclusion

You have now successfully set up AWS Cloud WAN integration with Cisco SD-WAN using Cloud onRamp for Multicloud. The deployed configuration establishes secure connectivity between your SD-WAN fabric and AWS network infrastructure.